oss-sec mailing list archives

Re: CVE request -- kernel: perf: fix software event overflow

From: Eugene Teo <eugene () redhat com>
Date: Tue, 16 Aug 2011 09:08:22 +0800

On 08/15/2011 09:43 PM, Petr Matousek wrote:

Hello Steve, vendors.

Description:
Under certain circumstances software event overflows go wrong and
deadlock. Avoid trying to delete a timer from the timer callback.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=730706
https://lkml.org/lkml/2011/7/27/337 (reproducer)
https://lkml.org/lkml/2011/7/28/284 (fix)

Upstream fix:
a8b0ca17b80e92faab46ee7179ba9e99ccb61233 (much larger patch that
contains the hunk referenced above)


Use CVE-2011-2918.

Thanks, Eugene

Current thread:

CVE request -- kernel: perf: fix software event overflow Petr Matousek (Aug 15)
- Re: CVE request -- kernel: perf: fix software event overflow Eugene Teo (Aug 15)