ACK: [CVE-2011-2484] taskstats: don't allow duplicate entries in listener mode
Stefan Bader
stefan.bader at canonical.com
Thu Jul 7 11:56:48 UTC 2011
On 07.07.2011 13:17, Andy Whitcroft wrote:
> CVE-2011-2484
> The add_del_listener function in kernel/taskstats.c in the Linux
> kernel 2.6.39.1 and earlier does not prevent multiple registrations
> of exit handlers, which allows local users to cause a denial of
> service (memory and CPU consumption), and bypass the OOM Killer,
> via a crafted application.
>
> The fix for this issue has already hit oneiric via upstream. Following
> this email are two patches, one a backport for hardy, and the other a
> clean cherry-pick of the upstream commit for lucid, lucid/fsl-imx51,
> maverick, maverick/ti-omap4, natty, and natty/ti-omap4.
>
> Proposing for SRU to hardy, lucid, lucid/fsl-imx51, maverick,
> maverick/ti-omap4, natty, and natty/ti-omap4.
>
> -apw
>
Backport looks like doing the same thing. Other a clean pick.
Acked-by: Stefan Bader <stefan.bader at canonical.com>
More information about the kernel-team
mailing list