Has CVE-2006-5648 been addressed for the current linux-2.6 version? Here's what I've found out about this bug so far:
NOTE: Some new futex-related system calls need arch-specific support NOTE: routines, or they can lead to unkillable userspace processes. NOTE: The following git commits add futex_atomic_cmpxchg_inatomic NOTE: implementations. The initial implementation contained code NOTE: for amd64 and i386. Other implementations were added here: NOTE: c7fed9d75074f7c243ec8ff2c55d04de2839a6f6 (sparc64, before 2.6.19) NOTE: 69588298188b40ed7f75c98a6fd328d82f23ca21 (powerpc, before 2.6.18) NOTE: a192dc16000241dc02990a36b6830839b73c44de (ia64, before 2.6.19) NOTE: 342a0497c23c278633f8674ab62f71e5049b7080 (parisc, before 2.6.19) NOTE: Expoitability depends on whether the syscall is actually wired, NOTE: which seems to be the case for everything but ia64 and maybe arm. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
