Linux Kernel Futex Local Deadlock Denial Of Service Vulnerability
BID:12959
Info
| Bugtraq ID: | 12959 |
| Class: | Design Error |
| CVE: | CVE-2005-0937 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 31 2005 12:00AM |
| Updated: | Jul 12 2009 11:56AM |
| Credit: | The discoverer of this issue is not known. |
| Vulnerable: | Redhat Enterprise Linux WS 4, Redhat Enterprise Linux ES 4, Redhat Enterprise Linux AS 4, Redhat Desktop 4.0, Mandriva Linux Mandrake 10.1 x86_64, Mandriva Linux Mandrake 10.1, Linux kernel 2.6.11 .6, Linux kernel 2.6.11 .5, Linux kernel 2.6.11 -rc4, Linux kernel 2.6.11 -rc3, Linux kernel 2.6.11 -rc2, Linux kernel 2.6.11, Linux kernel 2.6.10 rc2, Linux kernel 2.6.10, Linux kernel 2.6.9, Linux kernel 2.6.8 rc3, Linux kernel 2.6.8 rc2, Linux kernel 2.6.8 rc1, Linux kernel 2.6.8, Linux kernel 2.6.7 rc1, Linux kernel 2.6.7, Linux kernel 2.6.6 rc1, Linux kernel 2.6.6, Linux kernel 2.6.5, Linux kernel 2.6.4, Linux kernel 2.6.3, Linux kernel 2.6.2, Linux kernel 2.6.1 -rc2, Linux kernel 2.6.1 -rc1, Linux kernel 2.6.1, Linux kernel 2.6 .10, Linux kernel 2.6 -test9-CVS, Linux kernel 2.6 -test9, Linux kernel 2.6 -test8, Linux kernel 2.6 -test7, Linux kernel 2.6 -test6, Linux kernel 2.6 -test5, Linux kernel 2.6 -test4, Linux kernel 2.6 -test3, Linux kernel 2.6 -test2, Linux kernel 2.6 -test11, Linux kernel 2.6 -test10, Linux kernel 2.6 -test1, Linux kernel 2.6, Linux kernel 2.5.69, Linux kernel 2.5.68, Linux kernel 2.5.67, Linux kernel 2.5.66, Linux kernel 2.5.65, Linux kernel 2.5.64, Linux kernel 2.5.63, Linux kernel 2.5.62, Linux kernel 2.5.61, Linux kernel 2.5.60, Linux kernel 2.5.59, Linux kernel 2.5.58, Linux kernel 2.5.57, Linux kernel 2.5.56, Linux kernel 2.5.55, Linux kernel 2.5.54, Linux kernel 2.5.53, Linux kernel 2.5.52, Linux kernel 2.5.51, Linux kernel 2.5.50, Linux kernel 2.5.49, Linux kernel 2.5.48, Linux kernel 2.5.47, Linux kernel 2.5.46, Linux kernel 2.5.45, Linux kernel 2.5.44, Linux kernel 2.5.43, Linux kernel 2.5.42, Linux kernel 2.5.41, Linux kernel 2.5.40, Linux kernel 2.5.39, Linux kernel 2.5.38, Linux kernel 2.5.37, Linux kernel 2.5.36, Linux kernel 2.5.35, Linux kernel 2.5.34, Linux kernel 2.5.33, Linux kernel 2.5.32, Linux kernel 2.5.31, Linux kernel 2.5.30, Linux kernel 2.5.29, Linux kernel 2.5.28, Linux kernel 2.5.27, Linux kernel 2.5.26, Linux kernel 2.5.25, Linux kernel 2.5.24, Linux kernel 2.5.23, Linux kernel 2.5.22, Linux kernel 2.5.21, Linux kernel 2.5.20, Linux kernel 2.5.19, Linux kernel 2.5.18, Linux kernel 2.5.17, Linux kernel 2.5.16, Linux kernel 2.5.15, Linux kernel 2.5.14, Linux kernel 2.5.13, Linux kernel 2.5.12, Linux kernel 2.5.11, Linux kernel 2.5.10, Linux kernel 2.5.9, Linux kernel 2.5.8, Linux kernel 2.5.7, Linux kernel 2.5.6, Linux kernel 2.5.5, Linux kernel 2.5.4, Linux kernel 2.5.3, Linux kernel 2.5.2, Linux kernel 2.5.1, Linux kernel 2.5 .0 |
| Not Vulnerable: | |
Discussion
The Linux kernel futex functions are reported prone to a local denial-of-service vulnerability. The issue is reported to manifest because several unspecified futex functions call 'get_user()' while holding mmap_sem for reading.
A local attacker may be able to leverage this issue to trigger a kernel deadlock and deny service to legitimate users.
This vulnerability is reported to exist in the 2.6 Linux kernel tree.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Ubuntu Linux has released an advisory dealing with this issue. Please see the referenced advisory for more information.
Mandriva Linux has released advisory MDKSA-2005:110 addressing this issue. Please see the referenced advisory for further information.
Red Hat has released an updated advisory RHSA-2005:420-24 to address various issues affecting the kernel. Please see the advisory in Web references for more information.
Linux kernel 2.6.8 rc1
- Ubuntu linux-doc-2.6.8.1_2.6.8.1-16.14_all.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-doc-2.6.8.1_2.6.8.1-16.14_all.deb
- Ubuntu linux-headers-2.6.8.1-5-386_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-386_2.6.8.1-16.14_i386.deb
- Ubuntu linux-headers-2.6.8.1-5-686-smp_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-686-smp_2.6.8.1-16.14_i386.deb
- Ubuntu linux-headers-2.6.8.1-5-686_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-686_2.6.8.1-16.14_i386.deb
- Ubuntu linux-headers-2.6.8.1-5-amd64-generic_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-amd64-generic_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-headers-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-headers-2.6.8.1-5-amd64-k8_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-amd64-k8_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-headers-2.6.8.1-5-amd64-xeon_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-amd64-xeon_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-headers-2.6.8.1-5-k7-smp_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-k7-smp_2.6.8.1-16.14_i386.deb
- Ubuntu linux-headers-2.6.8.1-5-k7_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-k7_2.6.8.1-16.14_i386.deb
- Ubuntu linux-headers-2.6.8.1-5-power3-smp_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-power3-smp_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-headers-2.6.8.1-5-power3_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-power3_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-headers-2.6.8.1-5-power4-smp_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-power4-smp_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-headers-2.6.8.1-5-power4_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-power4_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-headers-2.6.8.1-5-powerpc-smp_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-powerpc-smp_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-headers-2.6.8.1-5-powerpc_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5-powerpc_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5_2.6.8.1-16.14_i386.deb
- Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-5_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-image-2.6.8.1-5-386_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-386_2.6.8.1-16.14_i386.deb
- Ubuntu linux-image-2.6.8.1-5-686-smp_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-686-smp_2.6.8.1-16.14_i386.deb
- Ubuntu linux-image-2.6.8.1-5-686_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-686_2.6.8.1-16.14_i386.deb
- Ubuntu linux-image-2.6.8.1-5-amd64-generic_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-amd64-generic_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-image-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-image-2.6.8.1-5-amd64-k8_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-amd64-k8_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-image-2.6.8.1-5-amd64-xeon_2.6.8.1-16.14_amd64.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-amd64-xeon_2.6.8.1-16.14_amd64.deb
- Ubuntu linux-image-2.6.8.1-5-k7-smp_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-k7-smp_2.6.8.1-16.14_i386.deb
- Ubuntu linux-image-2.6.8.1-5-k7_2.6.8.1-16.14_i386.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-k7_2.6.8.1-16.14_i386.deb
- Ubuntu linux-image-2.6.8.1-5-power3-smp_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-power3-smp_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-image-2.6.8.1-5-power3_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-power3_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-image-2.6.8.1-5-power4-smp_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-power4-smp_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-image-2.6.8.1-5-power4_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-power4_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-image-2.6.8.1-5-powerpc-smp_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-powerpc-smp_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-image-2.6.8.1-5-powerpc_2.6.8.1-16.14_powerpc.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-5-powerpc_2.6.8.1-16.14_powerpc.deb
- Ubuntu linux-patch-debian-2.6.8.1_2.6.8.1-16.14_all.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-patch-debian-2.6.8.1_2.6.8.1-16.14_all.deb
- Ubuntu linux-source-2.6.8.1_2.6.8.1-16.14_all.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.14_all.deb
- Ubuntu linux-tree-2.6.8.1_2.6.8.1-16.14_all.deb
  Ubuntu 4.10 (Warty Warthog)
  http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-tree-2.6.8.1_2.6.8.1-16.14_all.deb
References
References:
- Re: [PATCH/RFC] Futex mmap_sem deadlock (Olof Johansson)
- RHSA-2005:420-24 - kernel (RedHat)