[kernel-sec-discuss] r1989 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Oct 4 09:50:45 UTC 2010
Author: jmm
Date: 2010-10-04 09:50:43 +0000 (Mon, 04 Oct 2010)
New Revision: 1989
Added:
active/CVE-2010-3079
Log:
new issue
Added: active/CVE-2010-3079
===================================================================
--- active/CVE-2010-3079 (rev 0)
+++ active/CVE-2010-3079 2010-10-04 09:50:43 UTC (rev 1989)
@@ -0,0 +1,15 @@
+Candidate: CVE-2010-3079
+Description:
+ kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled,
+ does not properly handle interaction between mutex possession and llseek operations,
+ which allows local users to cause a denial of service (outage of all function tracing
+ files) via an lseek call on a file descriptor associated with the set_ftrace_filter file.
+References:
+ 9c55cb12c1c172e2d51e85fbb5a4796ca86b77e7
+Notes:
+Bugs:
+upstream: released (2.6.35.5)
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
More information about the kernel-sec-discuss
mailing list