Candidate: CVE-2005-3847
References:
 CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=dd12f48d4e8774415b528d3991ae47c28f26e1ac;hp=ade6648b3b11a5d81f6f28135193ab6d85d621db
 MISC:http://groups.google.com/group/linux.kernel/browse_thread/thread/74683bcc8dbf0df3/bf540370894d3de0%23bf540370894d3de0?sa=X&oi=groupsr&start=0&num=3
 MISC:http://svn.debian.org/wsvn/kernel/dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch?op=file&rev=4458&sc=0
Description:
 Bhavesh P. Davda reported a race condition that exists in Linux 2.6 kernels prior to 2.6.13 and 2.6.12.6. A deadlock can occur when a SIGKILL signal is sent to a real-time threaded process that is dumping core, which can be used by a local user to initiate a denial of service attack.
Notes:
 handle_stop_signal() in 2.4 looks significantly different, and since this bug is associated with NPTL, I don't think we need to worry about it in 2.4.
 CVE description is actually as follows:
 signal.c in Linux kernel before 2.6.13 and 2.6.12.6 and earlier allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump.
Bug:
upstream: released (2.6.12.6, 2.6.13)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [nptl-signal-delivery-deadlock-fix.dpatch]
2.4.27-sarge-security: N/A
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa: