vulnerability bulletin CVE-2012-0028
Linux kernel: denial of service via futex
Synthesis of the vulnerability
A local attacker can use a futex in a process calling execve(), in order to stop the kernel.Impacted products:
Linux, RHEL, ESX.
BID-51947, CVE-2012-0028, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, RHSA-2012:0107-01, RHSA-2012:0358-01, VIGILANCE-VUL-11258, VMSA-2012-0003.1, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0013.1.
Description of the vulnerability
A futex (Fast Userspace Mutex) locks elements, using atomic operations on an integer.
The execve() system call replaces the current process by a new process.
When a process uses a futex, and then calls exit(), the futex is freed. However, it is not freed during the call the execve(). The system thus becomes instable.
A local attacker can therefore use a futex in a process calling execve(), in order to stop the kernel.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides a systems vulnerabilities database
. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.