[kernel-sec-discuss] r1411 - active

Michael Gilbert gilbert-guest at alioth.debian.org
Sun Jul 5 04:31:20 UTC 2009


Author: gilbert-guest
Date: 2009-07-05 04:31:19 +0000 (Sun, 05 Jul 2009)
New Revision: 1411

Added:
   active/CVE-2009-1388
Log:
new issue


Copied: active/CVE-2009-1388 (from rev 1408, active/00boilerplate)
===================================================================
--- active/CVE-2009-1388	                        (rev 0)
+++ active/CVE-2009-1388	2009-07-05 04:31:19 UTC (rev 1411)
@@ -0,0 +1,31 @@
+Candidate: CVE-2009-1388
+Description: 
+ The OpenVZ Linux kernel team has found deadlock between ptrace and 
+ coredump code. It affects 2.6.18 but does not affect the upstream kernel.
+
+ "ptrace_start() spins waiting for child->state == 
+ TASK_TRACED/TASK_STOPPED. If we race with the coredumping, we have to 
+ wait until it completes.
+
+ If the tracer participates in coredumping too, we deadlock. 
+ do_coredump() waits for tracer to exit and report 
+ complete(mm->core_startup_done), the tracer spins in an endless loop.
+
+ Change ptrace_start() to abort if child->mm->core_waiters != 0."
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1388
+ https://bugzilla.redhat.com/attachment.cgi?id=346742
+Ubuntu-Description:
+Notes: 
+ I can't find the ptrace_start() code in any of the debian kernels, so i 
+ believe this to be a redhat-specific issue
+Bugs:
+upstream:
+linux-2.6:
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
+2.6.15-dapper-security:
+2.6.22-gutsy-security:
+2.6.24-hardy-security:
+2.6.27-intrepid-security:
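Review bot: The Notes field concludes the issue is Red Hat-specific because ptrace_start() is not found in the Debian kernels, yet every per-branch status line from "upstream:" through "2.6.27-intrepid-security:" is left empty. The Description already states that the upstream kernel is not affected and that 2.6.18 is, so "upstream:" can record that now. "2.6.18-etch-security:" in particular needs an explicit status with the reason (ptrace_start() absent from that tree). Otherwise the file reads as untriaged for the one version the description names as affected. It would also help auditing if the Notes entry said which source trees were searched for ptrace_start().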


Property changes on: active/CVE-2009-1388
___________________________________________________________________
Added: svn:mergeinfo
   + 



