oss-sec mailing list archives
Re: CVE request Linux kernel: forbid uaddr == uaddr2 in futex_wait_requeue_pi() to avoid null dereference
From: cve-assign () mitre org
Date: Wed, 14 May 2014 12:16:16 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Linux kernel built with the fast userspace mutexes(CONFIG_FUTEX) support is vulnerable to a NULL pointer dereference flaw. It could occur when a waiting task requests wait to be re-queued from non-PI futex to a PI-aware futex via FUTEX_WAIT_REQUEUE_PI operation. An unprivileged user/program could use this flaw to crash the system kernel resulting in DoS. https://git.kernel.org/linus/6f7b0a2a5c0fb03be7c25bd1745baa50582348ef
Use CVE-2012-6647. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTc5Z5AAoJEKllVAevmvmsmSkH/0eNY313nX9uZpL0ODQFolgq mNjz1UE8XJd9ZeQYamteDtZu7K4xJfiuqtlImbkBEZ8gCnXuDIwKNisgCnkbpolE /X8OzQVR3HL/ZVOJhuKtjztMxZenyEIpVNwHFnPWMs2fbsTHYCBP53KdaA1kW1tY EPZ19X0AroIpMBBh1suzTLcxkIJEOCghQ/2lledEvx05ok+dgTstwe2FJ16tyKX1 M+6WQLhts42Rlhf/07bAMTRf03UsMmeDr9gWLtVsX6JXvzXqYHEEUUIzyDLZQjA+ ezfp/vL6sp67fPj8uz0DKWaJl2dMBk7W6p7fZYed4a66SCsNCgptWxpDsi5IvxI= =T8n3 -----END PGP SIGNATURE-----
Current thread:
- CVE request Linux kernel: forbid uaddr == uaddr2 in futex_wait_requeue_pi() to avoid null dereference P J P (May 14)
- Re: CVE request Linux kernel: forbid uaddr == uaddr2 in futex_wait_requeue_pi() to avoid null dereference Greg KH (May 14)
- Re: CVE request Linux kernel: forbid uaddr == uaddr2 in futex_wait_requeue_pi() to avoid null dereference cve-assign (May 14)