Bug 506438 (CVE-2014-2673)

Summary:	Kernel: crash when forking inside a transaction (CVE-2014-2673)
Product:	Gentoo Security	Reporter:	Agostino Sarubbo <ago>
Component:	Kernel	Assignee:	Gentoo Kernel Security <security-kernel>
Status:	RESOLVED FIXED
Severity:	normal	CC:	kernel
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Agostino Sarubbo gentoo-dev

2014-04-01 10:42:03 UTC

CVE-2014-2673 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2673):

The arch_dup_task_struct function in the Transactional Memory (TM) implementation in 
arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly 
interact with the clone and fork system calls, which allows local users to cause a denial of service 
(Program Check and system crash) via certain instructions that are executed with the processor in the 
Transactional state.

Comment 1 GLSAMaker/CVETool Bot gentoo-dev

2014-08-10 21:56:35 UTC

CVE-2014-2673 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2673):
  The arch_dup_task_struct function in the Transactional Memory (TM)
  implementation in arch/powerpc/kernel/process.c in the Linux kernel before
  3.13.7 on the powerpc platform does not properly interact with the clone and
  fork system calls, which allows local users to cause a denial of service
  (Program Check and system crash) via certain instructions that are executed
  with the processor in the Transactional state.

Comment 2 John Helmert III archtester

2022-03-25 21:58:59 UTC

Fix in 3.14, https://github.com/torvalds/linux/commit/621b5060e823301d0cba4cb52a7ee3491922d291