Description: race condition between mmget_not_zero()/get_task_mm() and core dumping
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=1696015
 https://marc.info/?l=linux-mm&m=155355419911404&w=2
 https://bugs.chromium.org/p/project-zero/issues/detail?id=1790
Notes:
 carnil> Effect of the race condition should be reproducible since
 carnil> before commit 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, cf.
 carnil> https://marc.info/?l=linux-mm&m=155355419911404&w=2 .
 bwh> The backports to 4.4 and 4.9 are still under discussion.
 bwh> The backport to 3.16 might need to be revised based on this.
Bugs:
upstream: released (5.1-rc6) [04f5866e41fb70690e28397487d8bd8eea7d712a]
4.19-upstream-stable: released (4.19.37) [6ff17bc5936e5fab33de8064dc0690f6c8c789ca]
4.9-upstream-stable: released (4.9.188) [16903f1a5ba7707c051edfdfa457620bba45e2c9]
3.16-upstream-stable: released (3.16.66) [a301e6a651037c11d2d9932a35fb56a04eedba8c]
sid: released (4.19.37-1)
4.19-buster-security: N/A "Fixed before branching point"
4.9-stretch-security: released (4.9.168-1+deb9u3) [bugfix/all/coredump-fix-race-condition-between-mmget_not_zero-get_task_mm-and-core-dumping.patch]
3.16-jessie-security: released (3.16.68-1)