[Frugalware-security] [ FSA-445 ] kernel

Miklos Vajna vmiklos at frugalware.org
Thu May 15 15:28:42 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                           FSA-445

Date: 2008-05-15
Package: kernel
Vulnerable versions: <= 2.6.24-4kalgan1
Unaffected versions: >= 2.6.24-4kalgan2
Related bugreport: http://bugs.frugalware.org/task/3060
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1669

Description
===========

A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when preventing race conditions between "fcntl_setlk()" and "close()" calls on SMP systems. This can be exploited to trigger the improper, reordered access to the file descriptor table and the "file_lock" structure of an inode, between threads running on different CPUs.

Updated Packages
================

Check if you have kernel installed:

	# pacman-g2 -Q kernel

If found, then you should upgrade to the latest version:

	# pacman-g2 -Sy kernel

Availability
============

The latest revision of this advisory is available at
http://frugalware.org/security/445

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iEYEARECAAYFAkgsOooACgkQZ7NElSD1VhltyACaAotrvSX1Ipd3GJ/z2hjhm+8V
RKIAn3PQPIWYE2TjlBQwghumo14JlVVt
=zDD+
-----END PGP SIGNATURE-----


More information about the Frugalware-security mailing list