Candidate: CVE-2009-1388
Description: 
 The OpenVZ Linux kernel team has found deadlock between ptrace and 
 coredump code. It affects 2.6.18 but does not affect the upstream kernel.
 .
 "ptrace_start() spins waiting for child->state == 
 TASK_TRACED/TASK_STOPPED. If we race with the coredumping, we have to 
 wait until it completes.
 .
 If the tracer participates in coredumping too, we deadlock. 
 do_coredump() waits for tracer to exit and report 
 complete(mm->core_startup_done), the tracer spins in an endless loop.
 .
 Change ptrace_start() to abort if child->mm->core_waiters != 0."
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1388
 https://bugzilla.redhat.com/attachment.cgi?id=346742
Ubuntu-Description:
Notes: 
 I can't find the ptrace_start() code in any of the debian kernels, so i 
 believe this to be a redhat-specific issue
Bugs:
upstream: N/A
linux-2.6: N/A
2.6.18-etch-security: N/A
2.6.24-etch-security: N/A
2.6.26-lenny-security: N/A
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
2.6.27-intrepid-security: