[CVE-2010-3086] x86: replace LOCK_PREFIX in futex.h
Tim Gardner
tim.gardner at canonical.com
Wed Feb 2 13:39:39 UTC 2011
On 02/01/2011 09:52 AM, Andy Whitcroft wrote:
> CVE-2010-3086:
>
> include/asm-x86/futex.h in the Linux kernel before 2.6.25 does
> not properly implement exception fixup, which allows local users
> to cause a denial of service (panic) via an invalid application
> that triggers a page fault.
>
> It seems that everything Karmic and up already has the fixes required
> here. Hardy has already receieved the fix-up via upstream stable. The
> backport for Dapper seems pretty straight forward. Following this email
> is the backport for Dapper.
>
> Of concern is that I am completely unable to test that this does what it
> says on the tin. This should be identicle to changes in Hardy which
> have been in place for a long time; should.
>
> -apw
>
applied and pushed
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list