[CVE-2010-3086] x86: replace LOCK_PREFIX in futex.h
Andy Whitcroft
apw at canonical.com
Tue Feb 1 16:52:14 UTC 2011
CVE-2010-3086:
include/asm-x86/futex.h in the Linux kernel before 2.6.25 does
not properly implement exception fixup, which allows local users
to cause a denial of service (panic) via an invalid application
that triggers a page fault.
It seems that everything Karmic and up already has the fixes required
here. Hardy has already receieved the fix-up via upstream stable. The
backport for Dapper seems pretty straight forward. Following this email
is the backport for Dapper.
Of concern is that I am completely unable to test that this does what it
says on the tin. This should be identicle to changes in Hardy which
have been in place for a long time; should.
-apw
More information about the kernel-team
mailing list