Candidate: CVE-2005-3847
References:
CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=dd12f48d4e8774415b528d3991ae47c28f26e1ac;hp=ade6648b3b11a5d81f6f28135193ab6d85d621db
MISC:http://groups.google.com/group/linux.kernel/browse_thread/thread/74683bcc8dbf0df3/bf540370894d3de0%23bf540370894d3de0?sa=X&oi=groupsr&start=0&num=3
MISC:http://svn.debian.org/wsvn/kernel/dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch?op=file&rev=4458&sc=0
Description:
Bhavesh P. Davda reported a race condition that exists in Linux 2.6 kernels prior to
2.6.13 and 2.6.12.6. A deadlock can occur when a SIGKILL signal is sent to a real-time
threaded process that is dumping core, which can be used by a local user to initiate
a denial of service attack.
Notes:
handle_stop_signal() in 2.4 looks significantly different, and since this bug
is associated with NPTL, I don't think we need to worry about it in 2.4.
CVE description is actually as follows:
signal.c in Linux kernel before 2.6.13 and 2.6.12.6 and earlier allows
local users to cause a denial of service (deadlock) by sending a
SIGKILL to a real-time threaded process while it is performing a core
dump.
Bug:
upstream: released (2.6.12.6, 2.6.13)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [nptl-signal-delivery-deadlock-fix.dpatch]
2.4.27-sarge-security: N/A
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa: