** Changed in: linux (Ubuntu Oneiric) Status: In Progress => Fix Committed
** Changed in: linux (Ubuntu Natty) Status: In Progress => Fix Committed ** Changed in: linux (Ubuntu Lucid) Status: In Progress => Fix Committed ** Description changed: + SRU Justification + Upstream commits: (1) 70834d30 "usermodehelper: use UMH_WAIT_PROC consistently" (2) b3449922 "usermodehelper: introduce umh_complete(sub_info)" (3) d0bd587a "usermodehelper: implement UMH_KILLABLE" (4) 9d944ef3 "usermodehelper: kill umh_wait, renumber UMH_* constants" (5) 5b9bd473 "usermodehelper: ____call_usermodehelper() doesn't need do_exit()" (6) 3e63a93b "kmod: introduce call_modprobe() helper" (7) 1cc684ab "kmod: make __request_module() killable" Description: Since 2.6.11, an unprivileged local user can easily keep the system under memory starvation state by temporarily disabling the OOM killer due to the OOM killer deadlock. Although we haven't eliminated all of possible attack vectors, this patchset can eliminate the most straightforward attack vector. Notes: (1) and (4) are optional. (4) depends on (1). (1) needs some corrections if we backport. For example, (1) does not include fix for ubuntu/fsam7400/fsam7400.c in precise.git. Therefore, I think excluding (1) and (4) is a safer choice. 3.4-rc1 will include (4) anyway. Please make sure that all users (including ubuntu/fsam7400/fsam7400.c) started using UMH_* constants. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/963685 Title: Please consider backporting killable request_module() patchset To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/963685/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs