** Changed in: linux (Ubuntu Oneiric)
Status: In Progress => Fix Committed
** Changed in: linux (Ubuntu Natty)
Status: In Progress => Fix Committed
** Changed in: linux (Ubuntu Lucid)
Status: In Progress => Fix Committed
** Description changed:
+ SRU Justification
+
Upstream commits:
(1) 70834d30 "usermodehelper: use UMH_WAIT_PROC consistently"
(2) b3449922 "usermodehelper: introduce umh_complete(sub_info)"
(3) d0bd587a "usermodehelper: implement UMH_KILLABLE"
(4) 9d944ef3 "usermodehelper: kill umh_wait, renumber UMH_* constants"
(5) 5b9bd473 "usermodehelper: ____call_usermodehelper() doesn't need
do_exit()"
(6) 3e63a93b "kmod: introduce call_modprobe() helper"
(7) 1cc684ab "kmod: make __request_module() killable"
Description:
Since 2.6.11, an unprivileged local user can easily keep the system under
memory starvation state by temporarily disabling the OOM killer due to the OOM
killer deadlock. Although we haven't eliminated all of possible attack
vectors,
this patchset can eliminate the most straightforward attack vector.
Notes:
(1) and (4) are optional. (4) depends on (1). (1) needs some corrections if we
backport. For example, (1) does not include fix for ubuntu/fsam7400/fsam7400.c
in precise.git. Therefore, I think excluding (1) and (4) is a safer choice.
3.4-rc1 will include (4) anyway. Please make sure that all users (including
ubuntu/fsam7400/fsam7400.c) started using UMH_* constants.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/963685
Title:
Please consider backporting killable request_module() patchset
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/963685/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
