CVE-2014-3153
Bug #1326367 reported by
John Johansen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Fix Released
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-armadaxp (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-ec2 (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-flo (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-fsl-imx51 (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-goldfish (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-lts-quantal (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-lts-raring (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-lts-saucy (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-lts-trusty (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-lts-utopic (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-lts-vivid (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Fix Committed
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-lts-wily (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-lts-xenial (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Fix Committed
|
High
|
Unassigned | ||
Vivid |
New
|
Undecided
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-mako (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-manta (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-mvl-dove (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-raspi2 (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Precise |
Invalid
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned | ||
linux-ti-omap4 (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Precise |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Invalid
|
High
|
Unassigned | ||
Vivid |
Invalid
|
High
|
Unassigned | ||
Wily |
Invalid
|
High
|
Unassigned |
Bug Description
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
Break-Fix: 52400ba946759af
Break-Fix: 52400ba946759af
Break-Fix: 52400ba946759af
Break-Fix: 52400ba946759af
Related branches
tags: | added: kernel-release-tracking-bug |
information type: | Private Security → Public Security |
Changed in linux-armadaxp (Ubuntu Precise): | |
importance: | Undecided → High |
Changed in linux-armadaxp (Ubuntu Saucy): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-armadaxp (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-armadaxp (Ubuntu Lucid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-armadaxp (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-ec2 (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-ec2 (Ubuntu Saucy): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-ec2 (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-ec2 (Ubuntu Lucid): | |
importance: | Undecided → High |
Changed in linux-ec2 (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-quantal (Ubuntu Precise): | |
importance: | Undecided → High |
Changed in linux-lts-quantal (Ubuntu Saucy): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-quantal (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-quantal (Ubuntu Lucid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-quantal (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mvl-dove (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mvl-dove (Ubuntu Saucy): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mvl-dove (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mvl-dove (Ubuntu Lucid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mvl-dove (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-saucy (Ubuntu Precise): | |
importance: | Undecided → High |
Changed in linux-lts-saucy (Ubuntu Saucy): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-saucy (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-saucy (Ubuntu Lucid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-saucy (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux (Ubuntu Precise): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Saucy): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Trusty): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Lucid): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Utopic): | |
importance: | Undecided → High |
Changed in linux-ti-omap4 (Ubuntu Precise): | |
importance: | Undecided → High |
Changed in linux-ti-omap4 (Ubuntu Saucy): | |
importance: | Undecided → High |
Changed in linux-ti-omap4 (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-ti-omap4 (Ubuntu Lucid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-ti-omap4 (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-fsl-imx51 (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-fsl-imx51 (Ubuntu Saucy): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-fsl-imx51 (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-fsl-imx51 (Ubuntu Lucid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-fsl-imx51 (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-raring (Ubuntu Precise): | |
importance: | Undecided → High |
Changed in linux-lts-raring (Ubuntu Saucy): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-raring (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-raring (Ubuntu Lucid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-raring (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
description: | updated |
Changed in linux-ec2 (Ubuntu Lucid): | |
status: | New → Fix Released |
Changed in linux (Ubuntu Utopic): | |
status: | Confirmed → Fix Committed |
description: | updated |
description: | updated |
summary: |
- exploitable futex vulnerability + CVE-2014-3153 |
tags: |
added: kernel-cve-tracking-bug removed: kernel-release-tracking-bug |
no longer affects: | linux-lts-trusty (Ubuntu Lucid) |
no longer affects: | linux-lts-trusty (Ubuntu Saucy) |
no longer affects: | linux-armadaxp (Ubuntu Lucid) |
no longer affects: | linux-armadaxp (Ubuntu Saucy) |
no longer affects: | linux-ec2 (Ubuntu Lucid) |
no longer affects: | linux-ec2 (Ubuntu Saucy) |
no longer affects: | linux-goldfish (Ubuntu Lucid) |
no longer affects: | linux-goldfish (Ubuntu Saucy) |
no longer affects: | linux-lts-saucy (Ubuntu Lucid) |
no longer affects: | linux-lts-saucy (Ubuntu Saucy) |
no longer affects: | linux-lts-quantal (Ubuntu Lucid) |
no longer affects: | linux-lts-quantal (Ubuntu Saucy) |
no longer affects: | linux-mvl-dove (Ubuntu Lucid) |
no longer affects: | linux-mvl-dove (Ubuntu Saucy) |
no longer affects: | linux-ti-omap4 (Ubuntu Lucid) |
no longer affects: | linux-ti-omap4 (Ubuntu Saucy) |
no longer affects: | linux-lts-vivid (Ubuntu Lucid) |
no longer affects: | linux-lts-vivid (Ubuntu Saucy) |
no longer affects: | linux (Ubuntu Lucid) |
no longer affects: | linux (Ubuntu Saucy) |
no longer affects: | linux-mako (Ubuntu Lucid) |
no longer affects: | linux-mako (Ubuntu Saucy) |
no longer affects: | linux-fsl-imx51 (Ubuntu Lucid) |
no longer affects: | linux-fsl-imx51 (Ubuntu Saucy) |
no longer affects: | linux-lts-utopic (Ubuntu Lucid) |
no longer affects: | linux-lts-utopic (Ubuntu Saucy) |
no longer affects: | linux-flo (Ubuntu Lucid) |
no longer affects: | linux-flo (Ubuntu Saucy) |
no longer affects: | linux-lts-raring (Ubuntu Lucid) |
no longer affects: | linux-lts-raring (Ubuntu Saucy) |
no longer affects: | linux-manta (Ubuntu Lucid) |
no longer affects: | linux-manta (Ubuntu Saucy) |
Changed in linux-lts-trusty (Ubuntu Precise): | |
status: | New → Fix Released |
importance: | Undecided → High |
Changed in linux-lts-trusty (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-trusty (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-trusty (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-trusty (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-quantal (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-ti-omap4 (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-raring (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-armadaxp (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mvl-dove (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-saucy (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-manta (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-manta (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-manta (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-manta (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-manta (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-ec2 (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-vivid (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-vivid (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-vivid (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-vivid (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-vivid (Ubuntu Trusty): | |
status: | New → Fix Committed |
importance: | Undecided → High |
Changed in linux-mako (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mako (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mako (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mako (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-mako (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-fsl-imx51 (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-utopic (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-utopic (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-utopic (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-utopic (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-utopic (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-goldfish (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-goldfish (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-goldfish (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-goldfish (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-goldfish (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-flo (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-flo (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-flo (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-flo (Ubuntu Utopic): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-flo (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
no longer affects: | linux-lts-trusty (Ubuntu Utopic) |
no longer affects: | linux-armadaxp (Ubuntu Utopic) |
no longer affects: | linux-ec2 (Ubuntu Utopic) |
no longer affects: | linux-lts-wily (Ubuntu Utopic) |
no longer affects: | linux-goldfish (Ubuntu Utopic) |
no longer affects: | linux-lts-saucy (Ubuntu Utopic) |
no longer affects: | linux-lts-quantal (Ubuntu Utopic) |
no longer affects: | linux-raspi2 (Ubuntu Utopic) |
no longer affects: | linux-mvl-dove (Ubuntu Utopic) |
no longer affects: | linux-ti-omap4 (Ubuntu Utopic) |
no longer affects: | linux-lts-vivid (Ubuntu Utopic) |
no longer affects: | linux (Ubuntu Utopic) |
no longer affects: | linux-mako (Ubuntu Utopic) |
no longer affects: | linux-fsl-imx51 (Ubuntu Utopic) |
no longer affects: | linux-lts-utopic (Ubuntu Utopic) |
no longer affects: | linux-flo (Ubuntu Utopic) |
no longer affects: | linux-lts-raring (Ubuntu Utopic) |
no longer affects: | linux-manta (Ubuntu Utopic) |
Changed in linux-lts-wily (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-wily (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-wily (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-wily (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-raspi2 (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-raspi2 (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-raspi2 (Ubuntu Trusty): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-raspi2 (Ubuntu Vivid): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-xenial (Ubuntu Precise): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-xenial (Ubuntu Wily): | |
status: | New → Invalid |
importance: | Undecided → High |
Changed in linux-lts-xenial (Ubuntu Trusty): | |
status: | New → Fix Committed |
importance: | Undecided → High |
To post a comment you must log in.
This bug was fixed in the package linux - 2.6.32-61.124
---------------
linux (2.6.32-61.124) lucid; urgency=low
[ Luis Henriques ]
* Revert "sysctl net: Keep tcp_syn_retries inside the boundary"
- LP: #1326473
* Revert "net: check net.core.somaxconn sysctl values"
- LP: #1326473
[ Upstream Kernel Changes ]
* futex-prevent- requeue- pi-on-same- futex.patch futex: Forbid uaddr == pi_atomic( )
uaddr2 in futex_requeue(..., requeue_pi=1)
- LP: #1326367
- CVE-2014-3153
* futex: Validate atomic acquisition in futex_lock_
- LP: #1326367
- CVE-2014-3153
* futex: Always cleanup owner tid in unlock_pi
- LP: #1326367
- CVE-2014-3153
* futex: Make lookup_pi_state more robust
- LP: #1326367
- CVE-2014-3153
-- Brad Figg <email address hidden> Wed, 04 Jun 2014 07:21:55 -0700