[CVE-2011-2484] taskstats: don't allow duplicate entries in listener mode
Andy Whitcroft
apw at canonical.com
Thu Jul 7 11:17:06 UTC 2011
CVE-2011-2484
The add_del_listener function in kernel/taskstats.c in the Linux
kernel 2.6.39.1 and earlier does not prevent multiple registrations
of exit handlers, which allows local users to cause a denial of
service (memory and CPU consumption), and bypass the OOM Killer,
via a crafted application.
The fix for this issue has already hit oneiric via upstream. Following
this email are two patches, one a backport for hardy, and the other a
clean cherry-pick of the upstream commit for lucid, lucid/fsl-imx51,
maverick, maverick/ti-omap4, natty, and natty/ti-omap4.
Proposing for SRU to hardy, lucid, lucid/fsl-imx51, maverick,
maverick/ti-omap4, natty, and natty/ti-omap4.
-apw
More information about the kernel-team
mailing list