Pardus: 2010-48: Kernel: Denial of Service
Posted by Benjamin D. Thomas   
A vulnerability and a security issue have been fixed, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-48            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-04-09
  Severity: 3
      Type: Local
------------------------------------------------------------------------

Summary
======
A vulnerability and a security issue have  been  fixed,  which  can  be
exploited  by malicious,  local  users  to  bypass  certain   security
restrictions, cause a DoS (Denial of  Service),  and  potentially  gain
escalated privileges.


Description
==========
CVE-2010-0622:

The wake_futex_pi function in kernel/futex.c in the Linux  kernel  does
not properly handle certain unlock operations for a Priority Inheritance
(PI) futex, which allows local users to cause a denial of service (OOPS)
and  possibly have  unspecified  other  impact  via  vectors  involving
modification of the futex value from user space.



CVE-2010-0623:

The futex_lock_pi function in kernel/futex.c in the Linux  kernel  does
not properly manage a certain reference count, which allows local users
to cause a denial of service (OOPS) via vectors involving an unmount of
an ext3 filesystem.


Affected packages:

  Pardus 2008:
    kernel, all before 2.6.25.20-114-58


Resolution
=========
There are update(s) for kernel. You can update them via Package Manager
or with a single command from console:

    pisi up kernel

References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id311
  * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622
  * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0623

------------------------------------------------------------------------