[CVE-2013-4483] ipc/msg: fix race around refcount

Luis Henriques luis.henriques at canonical.com
Fri May 9 14:35:08 UTC 2014

Following this email, I'm sending a CVE-2013-4483 fix for Lucid.

Note that the actual upstream fix for this CVE is
6062a8dc0517bce23e3c2f7d2fea5e22411269a3 ("ipc,sem: fine grained
locking for semtimedop") by Rik van Riel.  However, this fix is quite
complex to backport to older kernels -- it introduces finer grained
locking in order to solve the CVE.

However, Konstantin Khlebnikov has submitted a different (and way
easier to backport!) fix for older stable kernels [1].  The fix I'm
sending for Lucid is a clean cherry-pick from Ben Hutchings's 3.2
stable kernel.

[1] http://thread.gmane.org/gmane.linux.kernel.stable/85001

Konstantin Khlebnikov (1):
  ipc/msg: fix race around refcount

 ipc/msg.c | 2 ++
 1 file changed, 2 insertions(+)

