from ${URL}: A flaw was found in the way ipc_rcu_putref() function handled reference counter decrementing. Without external synchronization reference counter might not be adjusted properly, as presented with the freeque() vs do_msgsnd() race, leading to memory leaks. An unprivileged local user could use this flaw to cause OOM conditions, potentially crashing the system. References: https://bugzilla.redhat.com/show_bug.cgi?id=1024854 https://wiki.openvz.org/Download/kernel/rhel6-testing/042stab084.3 Upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6062a8 (making the refcounter atomic hunks) Acknowledgements: Red Hat would like to thank Vladimir Davydov (Parallels) for reporting this issue.
CVE-2013-4483 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4483): The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application.
we have 3.10 stabilized anyway, no older versions