[Kernel-packages] [Bug 1326367] Re: exploitable futex vulnerability

Thu, 05 Jun 2014 12:47:38 -0700 

This bug was fixed in the package linux-lts-saucy -
3.11.0-23.40~precise1

---------------
linux-lts-saucy (3.11.0-23.40~precise1) precise; urgency=low

  [ Upstream Kernel Changes ]

  * futex-prevent-requeue-pi-on-same-futex.patch futex: Forbid uaddr ==
    uaddr2 in futex_requeue(..., requeue_pi=1)
    - LP: #1326367
    - CVE-2014-3153
  * futex: Validate atomic acquisition in futex_lock_pi_atomic()
    - LP: #1326367
    - CVE-2014-3153
  * futex: Always cleanup owner tid in unlock_pi
    - LP: #1326367
    - CVE-2014-3153
  * futex: Make lookup_pi_state more robust
    - LP: #1326367
    - CVE-2014-3153
 -- Brad Figg <brad.f...@canonical.com>   Wed, 04 Jun 2014 09:12:14 -0700

** Changed in: linux-lts-saucy (Ubuntu Precise)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1326367

Title:
  exploitable futex vulnerability

Status in “linux” package in Ubuntu:
  Confirmed
Status in “linux-armadaxp” package in Ubuntu:
  Invalid
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
  Invalid
Status in “linux-lts-quantal” package in Ubuntu:
  Invalid
Status in “linux-lts-raring” package in Ubuntu:
  Invalid
Status in “linux-lts-saucy” package in Ubuntu:
  Invalid
Status in “linux-mvl-dove” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Invalid
Status in “linux” source package in Lucid:
  Fix Released
Status in “linux-armadaxp” source package in Lucid:
  Invalid
Status in “linux-ec2” source package in Lucid:
  New
Status in “linux-fsl-imx51” source package in Lucid:
  Invalid
Status in “linux-lts-quantal” source package in Lucid:
  Invalid
Status in “linux-lts-raring” source package in Lucid:
  Invalid
Status in “linux-lts-saucy” source package in Lucid:
  Invalid
Status in “linux-mvl-dove” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “linux” source package in Precise:
  New
Status in “linux-armadaxp” source package in Precise:
  New
Status in “linux-ec2” source package in Precise:
  Invalid
Status in “linux-fsl-imx51” source package in Precise:
  Invalid
Status in “linux-lts-quantal” source package in Precise:
  Fix Released
Status in “linux-lts-raring” source package in Precise:
  Fix Released
Status in “linux-lts-saucy” source package in Precise:
  Fix Released
Status in “linux-mvl-dove” source package in Precise:
  Invalid
Status in “linux-ti-omap4” source package in Precise:
  New
Status in “linux” source package in Saucy:
  Fix Released
Status in “linux-armadaxp” source package in Saucy:
  Invalid
Status in “linux-ec2” source package in Saucy:
  Invalid
Status in “linux-fsl-imx51” source package in Saucy:
  Invalid
Status in “linux-lts-quantal” source package in Saucy:
  Invalid
Status in “linux-lts-raring” source package in Saucy:
  Invalid
Status in “linux-lts-saucy” source package in Saucy:
  Invalid
Status in “linux-mvl-dove” source package in Saucy:
  Invalid
Status in “linux-ti-omap4” source package in Saucy:
  New
Status in “linux” source package in Trusty:
  Fix Released
Status in “linux-armadaxp” source package in Trusty:
  Invalid
Status in “linux-ec2” source package in Trusty:
  Invalid
Status in “linux-fsl-imx51” source package in Trusty:
  Invalid
Status in “linux-lts-quantal” source package in Trusty:
  Invalid
Status in “linux-lts-raring” source package in Trusty:
  Invalid
Status in “linux-lts-saucy” source package in Trusty:
  Invalid
Status in “linux-mvl-dove” source package in Trusty:
  Invalid
Status in “linux-ti-omap4” source package in Trusty:
  Invalid
Status in “linux” source package in Utopic:
  Confirmed
Status in “linux-armadaxp” source package in Utopic:
  Invalid
Status in “linux-ec2” source package in Utopic:
  Invalid
Status in “linux-fsl-imx51” source package in Utopic:
  Invalid
Status in “linux-lts-quantal” source package in Utopic:
  Invalid
Status in “linux-lts-raring” source package in Utopic:
  Invalid
Status in “linux-lts-saucy” source package in Utopic:
  Invalid
Status in “linux-mvl-dove” source package in Utopic:
  Invalid
Status in “linux-ti-omap4” source package in Utopic:
  Invalid

Bug description:
  If uaddr == uaddr2, then we have broken the rule of only requeueing
  from a non-pi futex to a pi futex with this call. If we attempt this,
  then dangling pointers may be left for rt_waiter resulting in an
  exploitable condition.

  Break-Fix: 52400ba946759af28442dee6265c5c0180ac7122 -

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1326367/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to