oss-sec mailing list archives

Re: Linux kernel futex local privilege escalation (CVE-2014-3153)

From: Rich Felker <dalias () libc org>
Date: Thu, 5 Jun 2014 23:38:27 -0400

On Thu, Jun 05, 2014 at 06:45:45PM +0400, Solar Designer wrote:

Hi,

This was handled via linux-distros, hence the mandatory oss-security
posting.  The issue was made public earlier today, and is included in
this Debian advisory:

https://lists.debian.org/debian-security-announce/2014/msg00130.html

---
CVE-2014-3153

    Pinkie Pie discovered an issue in the futex subsystem that allows a
    local user to gain ring 0 control via the futex syscall. An
    unprivileged user could use this flaw to crash the kernel (resulting
    in denial of service) or for privilege escalation.
---

I've attached patches by Thomas Gleixner (four e-mails, in mbox format),
as well as back-ports of those by John Johansen of Canonical, who wrote:


Maybe I'm missing something, but I can't find any statement of what
version these patches are intended to apply cleanly to. They don't
apply to latest stable.

Rich

Current thread:

Linux kernel futex local privilege escalation (CVE-2014-3153) Solar Designer (Jun 05)
- Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Solar Designer (Jun 05)
  - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Greg KH (Jun 05)
- Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Kees Cook (Jun 05)
- Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Phil Turnbull (Jun 05)
  - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) John Johansen (Jun 05)
- Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Rich Felker (Jun 05)
  - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Solar Designer (Jun 05)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Rich Felker (Jun 05)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Thomas Gleixner (Jun 05)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) rf (Jun 06)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Greg KH (Jun 06)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) rf (Jun 06)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Greg KH (Jun 06)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) rf (Jun 06)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Rich Felker (Jun 06)
    - Re: Linux kernel futex local privilege escalation (CVE-2014-3153) Greg KH (Jun 06)

(Thread continues...)