The futex_requeue function in kernel/futex.c in the Linux kernel up to and including 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux server aus 6.2 |
||
suse linux enterprise desktop 11 |
||
suse linux enterprise server 11 |
||
suse linux enterprise real time extension 11 |
||
opensuse opensuse 11.4 |
||
suse linux enterprise high availability extension 11 |