Ubuntu
linux package

  1. Trusty (14.04)
  2. Bug #1326367
  3. Comment #7

Comment 7 for bug 1326367

Revision history for this message
Launchpad Janitor (janitor) wrote : Re: exploitable futex vulnerability

This bug was fixed in the package linux-lts-raring - 3.8.0-42.62~precise1

---------------
linux-lts-raring (3.8.0-42.62~precise1) precise; urgency=low

  [ Upstream Kernel Changes ]

  * futex-prevent-requeue-pi-on-same-futex.patch futex: Forbid uaddr ==
    uaddr2 in futex_requeue(..., requeue_pi=1)
    - LP: #1326367
    - CVE-2014-3153
  * futex: Validate atomic acquisition in futex_lock_pi_atomic()
    - LP: #1326367
    - CVE-2014-3153
  * futex: Always cleanup owner tid in unlock_pi
    - LP: #1326367
    - CVE-2014-3153
  * futex: Make lookup_pi_state more robust
    - LP: #1326367
    - CVE-2014-3153
 -- Brad Figg <email address hidden> Wed, 04 Jun 2014 12:01:23 -0700