Ubuntu
linux package

  1. Trusty (14.04)
  2. Bug #1326367
  3. Comment #8

Comment 8 for bug 1326367

Revision history for this message
Launchpad Janitor (janitor) wrote : Re: exploitable futex vulnerability

This bug was fixed in the package linux-lts-saucy - 3.11.0-23.40~precise1

---------------
linux-lts-saucy (3.11.0-23.40~precise1) precise; urgency=low

  [ Upstream Kernel Changes ]

  * futex-prevent-requeue-pi-on-same-futex.patch futex: Forbid uaddr ==
    uaddr2 in futex_requeue(..., requeue_pi=1)
    - LP: #1326367
    - CVE-2014-3153
  * futex: Validate atomic acquisition in futex_lock_pi_atomic()
    - LP: #1326367
    - CVE-2014-3153
  * futex: Always cleanup owner tid in unlock_pi
    - LP: #1326367
    - CVE-2014-3153
  * futex: Make lookup_pi_state more robust
    - LP: #1326367
    - CVE-2014-3153
 -- Brad Figg <email address hidden> Wed, 04 Jun 2014 09:12:14 -0700