This bug was fixed in the package linux-lts-saucy -
3.11.0-23.40~precise1
---------------
linux-lts-saucy (3.11.0-23.40~precise1) precise; urgency=low
[ Upstream Kernel Changes ]
* futex-prevent-requeue-pi-on-same-futex.patch futex: Forbid uaddr ==
uaddr2 in futex_requeue(..., requeue_pi=1)
- LP: #1326367
- CVE-2014-3153
* futex: Validate atomic acquisition in futex_lock_pi_atomic()
- LP: #1326367
- CVE-2014-3153
* futex: Always cleanup owner tid in unlock_pi
- LP: #1326367
- CVE-2014-3153
* futex: Make lookup_pi_state more robust
- LP: #1326367
- CVE-2014-3153
-- Brad Figg <[email protected]> Wed, 04 Jun 2014 09:12:14 -0700
** Changed in: linux-lts-saucy (Ubuntu Precise)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1326367
Title:
exploitable futex vulnerability
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1326367/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
