Description: A vulnerability was reported in the LInux kernel futex functions. A local user can cause the kernel to crash. Some kernel futex functions invoke get_user() calls while holding mmap_sem for reading. If a get_user() function fails while another thread is in mmap, then the do_page_fault() function will deadlock. Another similar deadlock condition may occur. A local user can exploit this to cause denial of service conditions on the target system. The flaw resides in 'kernel/futex.c'. Olof Johansson reported this vulnerability. Impact: A local user can cause the target system to crash. Solution: A development patch (and changeset) is available, as described at: http://lkml.org/lkml/2005/2/22/185
Patch: http://linux.bkbits.net:8080/linux-2.6/gnupatch@421cfc11zFsK9gxvSJ2t__FCmuUd3Q
mips-sources fixed.
Same old, same old: http://kiss.gentoo.org/dev/viewBug.php?BugID=87573
All fixed, closing bug.
http://git.kernel.org/?p=linux/kernel/git/tglx/history.git;a=commit;h=f5f23ec8d572816c7ff9c6e5eb0c209c9faa008e