[kernel] r4922 - patch-tracking
Micah Anderson
micah at costa.debian.org
Sun Nov 27 20:02:25 UTC 2005
Author: micah
Date: Sun Nov 27 20:02:24 2005
New Revision: 4922
Modified:
patch-tracking/nptl-signal-delivery-deadlock-fix.dpatch
Log:
Received CVE-2005-3847 for nptl issue
Modified: patch-tracking/nptl-signal-delivery-deadlock-fix.dpatch
==============================================================================
--- patch-tracking/nptl-signal-delivery-deadlock-fix.dpatch (original)
+++ patch-tracking/nptl-signal-delivery-deadlock-fix.dpatch Sun Nov 27 20:02:24 2005
@@ -1,4 +1,4 @@
-Candidate: requested
+Candidate: CVE-2005-3847
References:
CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=dd12f48d4e8774415b528d3991ae47c28f26e1ac;hp=ade6648b3b11a5d81f6f28135193ab6d85d621db
MISC:http://groups.google.com/group/linux.kernel/browse_thread/thread/74683bcc8dbf0df3/bf540370894d3de0%23bf540370894d3de0?sa=X&oi=groupsr&start=0&num=3
@@ -10,7 +10,12 @@
a denial of service attack.
Notes:
handle_stop_signal() in 2.4 looks significantly different, and since this bug
- is associated with NPTL, I don't think we ned to worry about in 2.4.
+ is associated with NPTL, I don't think we need to worry about in 2.4.
+ CVE description is actually as follows:
+ signal.c in Linux kernel before 2.6.13 and 2.6.12.6 and earlier allows
+ local users to cause a denial of service (deadlock) by sending a
+ SIGKILL to a real-time threaded process while it is performing a core
+ dump.
Bug:
upstream: released (2.6.12.6, 2.6.13)
2.6.14: N/A
More information about the Kernel-svn-changes
mailing list