Multiple race conditions in fs/pipe.c in the Linux kernel before
2.6.32-rc6 allow local users to cause a denial of service (NULL
pointer dereference and system crash) or gain privileges by
attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Created attachment 209281 [details, diff]
Fix for CVE-2009-3547
Further information: http://xorl.wordpress.com/2009/11/03/cve-2009-3547-linux-kernel-pipe-null-pointer-dereference-race-condition/
Kernel: please include this patch at least in the .31 you want to stabilize.
In svn for the next release of gentoo-sources-2.6.31
and in svn for 2.6.30, also
released in gentoo-sources-2.6.30-r9 (genpatches 2.6.30-10) and gentoo-sources-2.6.31 (gentpatches 2.6.31-6)