← Back to team overview

kernel-packages team mailing list archive

[Bug 1326367] Re: exploitable futex vulnerability

 

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1326367

Title:
  exploitable futex vulnerability

Status in “linux” package in Ubuntu:
  Confirmed

Bug description:
  If uaddr == uaddr2, then we have broken the rule of only requeueing from
  a non-pi futex to a pi futex with this call. If we attempt this, then
  dangling pointers may be left for rt_waiter resulting in an exploitable
  condition.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1326367/+subscriptions