blob: 26ec8c30c07fd387131d387e186d56a0df4e5738 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
Candidate: CVE-2010-3079
Description:
kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled,
does not properly handle interaction between mutex possession and llseek operations,
which allows local users to cause a denial of service (outage of all function tracing
files) via an lseek call on a file descriptor associated with the set_ftrace_filter file.
References:
9c55cb12c1c172e2d51e85fbb5a4796ca86b77e7
Notes:
Bugs:
upstream: released (2.6.35.5)
2.6.32-upstream-stable: released (2.6.32.22)
linux-2.6: released (2.6.32-24)
2.6.26-lenny-security: N/A (Introduced in 2.6.30 (8fc0c701), ftrace not present anyway)
2.6.32-squeeze-security: released (2.6.32-24)
|