blob: e3f5cac92d7c184ad97a73221ddbd8ebdbc4fe74 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Candidate: CVE-2008-1669
Description:
"add rcu_read_lock() to fs/locks.c and fix fcntl store/load"
References:
Ubuntu-Description:
On SMP systems, a race condition existed in fcntl(). Local attackers
could perform malicious locks, causing system crashes and leading to
a denial of service.
Notes:
kees> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0b2bac2f1ea0d33a3621b27ca68b9ae760fca2e9
kees> linux-2.6.24.y: 0bbbae3bfd732f6c4d6b2a67121d77bf6b1c7f70
Bugs:
upstream: released (2.6.24.7, 2.6.25.2)
linux-2.6: released (2.6.25-2)
2.6.18-etch-security: released (2.6.18.dfsg.1-18etch4) [bugfix/fcntl_setlk-close-race.patch]
2.6.24-etch-security: released (2.6.24-6~etchnhalf.2) [bugfix/all/stable/2.6.24.7.patch]
2.6.15-dapper-security: released (2.6.15-52.67)
2.6.20-feisty-security: released (2.6.20-17.36)
2.6.22-gutsy-security: released (2.6.22-15.54)
2.6.24-hardy-security: released (2.6.24-19.34)
|
