Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 307451 (CVE-2010-0623)

Summary: Kernel: futex_lock_pi() DoS (CVE-2010-0623)
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: jaak
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5ecb01cfdf96c5f465192bdb2a4fd4a61a24c6cc
Whiteboard: [ > 2.6.28-git3 < 2.6.33-rc7 ]
Package list:
Runtime testing required: ---

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2010-03-02 09:44:56 UTC 
CVE-2010-0623 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0623):
  The futex_lock_pi function in kernel/futex.c in the Linux kernel
  before 2.6.33-rc7 does not properly manage a certain reference count,
  which allows local users to cause a denial of service (OOPS) via
  vectors involving an unmount of an ext3 filesystem.