[kernel-sec-discuss] r2807 - active
Ben Hutchings
benh at alioth.debian.org
Mon Feb 18 14:31:43 UTC 2013
Author: benh
Date: 2013-02-18 14:31:21 +0000 (Mon, 18 Feb 2013)
New Revision: 2807
Added:
active/CVE-2013-0871
Log:
Add CVE-2013-0871
Added: active/CVE-2013-0871
===================================================================
--- active/CVE-2013-0871 (rev 0)
+++ active/CVE-2013-0871 2013-02-18 14:31:21 UTC (rev 2807)
@@ -0,0 +1,12 @@
+Description: Linux kernel race condition with PTRACE_SETREGS and fatal signal
+References:
+ http://seclists.org/oss-sec/2013/q1/326
+Notes:
+ There is a similar x86-specific ptrace race fixed by 848e8f5f0ad3169560c516fff6471be65f76e69f, 95cf00fa5d5e2a200a2c044c84bde8389a237e02.
+ The fix for this issue at least textually depends on that.
+Bugs:
+upstream: 910ffdb18a6408e14febbb6e4b6840fd2c928c82, 9899d11f654474d2d54ea52ceaa2a1f4db3abd68, 9067ac85d533651b98c2ff903182a20cbb361fcb
+2.6.32-upstream-stable:
+sid:
+2.6.32-squeeze-security:
+3.2-upstream-stable: pending [ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with.patch, wake_up_process-should-be-never-used-to-wakeup-a.patch]
More information about the kernel-sec-discuss
mailing list