Ubuntu
linux package

  1. Bug #1326367
  2. Comment #10

Comment 10 for bug 1326367

Revision history for this message
Launchpad Janitor (janitor) wrote : Re: exploitable futex vulnerability

This bug was fixed in the package linux - 3.2.0-64.97

---------------
linux (3.2.0-64.97) precise; urgency=low

  [ Upstream Kernel Changes ]

  * futex-prevent-requeue-pi-on-same-futex.patch futex: Forbid uaddr ==
    uaddr2 in futex_requeue(..., requeue_pi=1)
    - LP: #1326367
    - CVE-2014-3153
  * futex: Validate atomic acquisition in futex_lock_pi_atomic()
    - LP: #1326367
    - CVE-2014-3153
  * futex: Always cleanup owner tid in unlock_pi
    - LP: #1326367
    - CVE-2014-3153
  * futex: Make lookup_pi_state more robust
    - LP: #1326367
    - CVE-2014-3153
 -- Brad Figg <email address hidden> Wed, 04 Jun 2014 10:48:57 -0700