kernel

• Vulnerable: 2.6.24-4kalgan1
• Unaffected: 2.6.24-4kalgan2

A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error when preventing race conditions between “fcntl_setlk()” and “close()” calls on SMP systems. This can be exploited to trigger the improper, reordered access to the file descriptor table and the “file_lock” structure of an inode, between threads running on different CPUs.

• Bug Tracker URL: http://bugs.frugalware.org/task/3060

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1669