blob: 6038ddbe5ad779044fe7acd0e769dc1059b4f631 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Candidate: CVE-2006-3634
References:
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bafe00cc9297ca77b66e5c83e5e65e17c0c997c8
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13492c50f69bdf60a42debc6bd3ec49cc1dc941e
Description:
The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in
Linux kernel 2.6.17-rc4 to 2.6.18-rc2 performs the atomic futex operation
with user space addresses instead of kernel space addresses, which allows
local users to cause a denial of service (crash).
Ubuntu-Description:
Notes:
dannf> s390 didn't have a futex.h until after 2.6.16
Bugs:
upstream: released (2.6.18-rc2)
linux-2.6: released (2.6.17-1)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.10-hoary-security: N/A
2.6.12-breezy-security: N/A
2.6.15-dapper-security: N/A
2.6.17-edgy: ignored
|
