Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 May 2014 18:41:14 +0530 (IST)
From: P J P <>
To: oss security list <>
Subject: CVE request Linux kernel: forbid uaddr == uaddr2 in futex_wait_requeue_pi()
 to avoid null dereference


Linux kernel built with the fast userspace mutexes(CONFIG_FUTEX) support is 
vulnerable to a NULL pointer dereference flaw. It could occur when a waiting 
task requests wait to be re-queued from non-PI futex to a PI-aware futex via 

An unprivileged user/program could use this flaw to crash the system kernel 
resulting in DoS.

Upstream fix:

Introduced in:

Thank you.
Prasad J Pandit / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.