CVE-2010-1437: Race Condition

First published: Fri Apr 23 2010(Updated: )

Description of problem: Reported by Toshiyuki Okajima. With linux-2.6.34-rc5, find_keyring_by_name() can gain the keyring which has been already freed. And then, its space (which is gained by find_keyring_by_name()) is broken by accessing the freed keyring as the available keyring: 1) If the space of the freed keyring is reallocated for other purpose (ie. filp SLUB), the data of the filp object may be destroyed by the user of the freed keyring. (SLUB configuration can share the freed space with other same-size slabs.) 2) If the slab space of the freed keyring is released into the system, the system panic may happen because accessing the space of the freed keyring causes the page-fault. Example: (we can easily confirm this problem if CONFIG_SLUB is "y".) [1] with CONFIG_SLUB_DEBUG_ON While we are executing my reproducer (which is attached), we can notice that the user of the freed keyring breaks its space: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # ./reproducer & ... # dmesg ... ============================================================================= BUG key_jar: Poison overwritten ----------------------------------------------------------------------------- INFO: 0xffff880197a7e200-0xffff880197a7e200. First byte 0x6a instead of 0x6b INFO: Allocated in key_alloc+0x10b/0x35f age=25 cpu=1 pid=5086 INFO: Freed in key_cleanup+0xd0/0xd5 age=12 cpu=1 pid=10 INFO: Slab 0xffffea000592cb90 objects=16 used=2 fp=0xffff880197a7e200 flags=0x200000000000c3 INFO: Object 0xffff880197a7e200 @offset=512 fp=0xffff880197a7e300 Bytes b4 0xffff880197a7e1f0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ Object 0xffff880197a7e200: 6a 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b jkkkkkkkkkkkkkkk Object 0xffff880197a7e210: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk Object 0xffff880197a7e220: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk Object 0xffff880197a7e230: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk Object 0xffff880197a7e240: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk Object 0xffff880197a7e250: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk Object 0xffff880197a7e260: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk Object 0xffff880197a7e270: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk Object 0xffff880197a7e280: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk Object 0xffff880197a7e290: 6b 6b 6b 6b 6b 6b 6b a5 kkkkkkk� Redzone 0xffff880197a7e298: bb bb bb bb bb bb bb bb �� Padding 0xffff880197a7e2d8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ Padding 0xffff880197a7e2e8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ Padding 0xffff880197a7e2f8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ Pid: 5090, comm: su Not tainted 2.6.34-rc5-nofixed #1 Call Trace: [<ffffffff810e3e9c>] ? check_bytes_and_report+0xb5/0xe6 [<ffffffff81152994>] ? key_alloc+0x10b/0x35f [<ffffffff810e3f8f>] ? check_object+0xc2/0x1a4 [<ffffffff810e5c09>] ? __slab_alloc+0x2ff/0x3a6 [<ffffffff81152994>] ? key_alloc+0x10b/0x35f [<ffffffff81152780>] ? key_user_lookup+0x78/0x181 [<ffffffff81152994>] ? key_alloc+0x10b/0x35f [<ffffffff810e658a>] ? kmem_cache_alloc+0x75/0xe9 [<ffffffff81152994>] ? key_alloc+0x10b/0x35f [<ffffffff8115360a>] ? keyring_alloc+0x29/0x61 [<ffffffff81155897>] ? install_user_keyrings+0x99/0x168 [<ffffffff81155ae6>] ? lookup_user_key+0x180/0x30a [<ffffffff81153eaf>] ? keyctl_get_keyring_ID+0x15/0x38 [<ffffffff81008a02>] ? system_call_fastpath+0x16/0x1b FIX key_jar: Restoring 0xffff880197a7e200-0xffff880197a7e200=0x6b FIX key_jar: Marking all objects used ============================================================================= BUG key_jar: Poison overwritten ----------------------------------------------------------------------------- ... - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [2] without CONFIG_SLUB_DEBUG_ON While we are executing my reproducer (which is attached), we may find such the back-trace at the system panic: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # ls -l /sys/kernel/slab total 0 drwxr-xr-x 2 root root 0 Apr 21 00:45 :at-0000016 ... lrwxrwxrwx 1 root root 0 Apr 21 00:45 cred_jar -> :t-0000192 ... lrwxrwxrwx 1 root root 0 Apr 21 00:45 filp -> :t-0000192 ... lrwxrwxrwx 1 root root 0 Apr 21 00:45 key_jar -> :t-0000192 ... lrwxrwxrwx 1 root root 0 Apr 21 00:45 kmalloc-192 -> :t-0000192 ... # ./reproducer.sh (PANIC) <1>BUG: unable to handle kernel NULL pointer dereference at 0000000000000001 <1>IP: [<ffffffff810e61a3>] kmem_cache_alloc+0x5b/0xe9 <4>PGD 6b2b4067 PUD 6a80d067 PMD 0 <0>Oops: 0000 [#1] SMP <0>last sysfs file: /sys/kernel/kexec_crash_loaded <4>CPU 1 <4>Modules linked in: nfsd lockd nfs_acl auth_rpcgss exportfs sunrpc autofs4 ipv6 ext4 jbd2 dm_mirror dm_region_hash dm_log dm_mul tipath uinput shpchp i2c_i801 ppdev parport_pc e752x_edac edac_core i2c_core tg3 iTCO_wdt iTCO_vendor_support parport pcspkr ext3 jbd mbcache ata_generic pata_acpi megaraid_mbox megaraid_mm ata_piix floppy dm_mod [last unloaded: scsi_wait_scan] <4>Pid: 31245, comm: su Not tainted 2.6.34-rc5-nofixed-nodebug #2 D2089/PRIMERGY <4>RIP: 0010:[<ffffffff810e61a3>] [<ffffffff810e61a3>] kmem_cache_alloc+0x5b/0xe9 <4>RSP: 0018:ffff88006af3bd98 EFLAGS: 00010002 <4>RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff88007d19900b <4>RDX: 0000000100000000 RSI: 00000000000080d0 RDI: ffffffff81828430 <4>RBP: ffffffff81828430 R08: ffff88000a293750 R09: 0000000000000000 <4>R10: 0000000000000001 R11: 0000000000100000 R12: 00000000000080d0 <4>R13: 00000000000080d0 R14: 0000000000000296 R15: ffffffff810f20ce <4>FS: 00007f97116bc700(0000) GS:ffff88000a280000(0000) knlGS:0000000000000000 <4>CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 <4>CR2: 0000000000000001 CR3: 000000006a91c000 CR4: 00000000000006e0 <4>DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 <4>DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 <4>Process su (pid: 31245, threadinfo ffff88006af3a000, task ffff8800374414c0) <0>Stack: <4> 0000000512e0958e 0000000000008000 ffff880037f8d180 0000000000000001 <4><0> 0000000000000000 0000000000008001 ffff88007d199000 ffffffff810f20ce <4><0> 0000000000008000 ffff88006af3be48 0000000000000024 ffffffff810face3 <0>Call Trace: <4> [<ffffffff810f20ce>] ? get_empty_filp+0x70/0x12f <4> [<ffffffff810face3>] ? do_filp_open+0x145/0x590 <4> [<ffffffff810ce208>] ? tlb_finish_mmu+0x2a/0x33 <4> [<ffffffff810ce43c>] ? unmap_region+0xd3/0xe2 <4> [<ffffffff810e4393>] ? virt_to_head_page+0x9/0x2d <4> [<ffffffff81103916>] ? alloc_fd+0x69/0x10e <4> [<ffffffff810ef4ed>] ? do_sys_open+0x56/0xfc <4> [<ffffffff81008a02>] ? system_call_fastpath+0x16/0x1b <0>Code: 0f 1f 44 00 00 49 89 c6 fa 66 0f 1f 44 00 00 65 4c 8b 04 25 60 e8 00 00 48 8b 45 00 49 01 c0 49 8b 18 48 85 db 74 0d 48 63 45 18 <48> 8b 04 03 49 89 00 eb 14 4c 89 f9 83 ca ff 44 89 e6 48 89 ef <1>RIP [<ffffffff810e61a3>] kmem_cache_alloc+0x5b/0xe9 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [reproducer.sh] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #!/bin/sh LOOP=100000 USER=dummy_user # add /bin/su -c "exit;" $USER || { /usr/sbin/adduser -m $USER; add=1; } for ((i=0; i<LOOP; i++)) do /bin/su -c "echo '$i' > /dev/null" $USER done # del (( add == 1 )) && /usr/sbin/userdel -r $USER exit - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - I created the patch which fixes this problem. (I attach it into the following mail. And I couldn't see the "Poison" lines of dmesg with the fixed kernel while I was executing my reproducer. So, this problem seems to be fixed by this patch.) This problem is serious because it may trigger the user data destructions.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Linux Linux kernel	=2.6.32-git-6
Linux Linux kernel	=2.6.27.12
Linux Linux kernel	=2.6.20.6
Linux Linux kernel	=2.6.32.5
Linux Linux kernel	=2.6.28-rc4
Linux Linux kernel	=2.6.28-git7
Linux Linux kernel	=2.6.20.9
Linux Linux kernel	=2.6.26-rc4
Linux Linux kernel	=2.6.18-rc3
Linux Linux kernel	=2.6.29-rc8-kk
Linux Linux kernel	=2.6.11
Linux Linux kernel	=2.6.23.4
Linux Linux kernel	=2.6.22.15
Linux Linux kernel	=2.6.16.16
Linux Linux kernel	=2.6.18.7
Linux Linux kernel	=2.6.17.12
Linux Linux kernel	=2.6.16.39
Linux Linux kernel	=2.6.31
Linux Linux kernel	=2.6.29.3
Linux Linux kernel	=2.6.21
Linux Linux kernel	=2.6.16.9
Linux Linux kernel	=2.6.31-rc4
Linux Linux kernel	=2.6.17.9
Linux Linux kernel	=2.6.32-rc1
Linux Linux kernel	=2.6.31.9
Linux Linux kernel	=2.6.11.2
Linux Linux kernel	=2.6.5
Linux Linux kernel	=2.6.32-rc5
Linux Linux kernel	=2.6.15.3
Linux Linux kernel	=2.6.11.10
Linux Linux kernel	=2.6.24.7
Linux Linux kernel	=2.6.1
Linux Linux kernel	=2.6.16.43
Linux Linux kernel	=2.6.16.6
Linux Linux kernel	=2.6.31.3
Linux Linux kernel	=2.6.16.8
Linux Linux kernel	=2.6.20.13
Linux Linux kernel	=2.6.33-rc6
Linux Linux kernel	=2.6.22.4
Linux Linux kernel	=2.6.27.34
Linux Linux kernel	=2.6.14.7
Linux Linux kernel	=2.6.18-rc2
Linux Linux kernel	=2.6.13
Linux Linux kernel	=2.6.17.2
Linux Linux kernel	=2.6.13.3
Linux Linux kernel	=2.6.23.13
Linux Linux kernel	=2.6.11.8
Linux Linux kernel	=2.6.24.2
Linux Linux kernel	=2.6.18-rc5
Linux Linux kernel	=2.6.26.5
Linux Linux kernel	=2.6.30.10
Linux Linux kernel	=2.6.16.34
Linux Linux kernel	=2.6.25.20
Linux Linux kernel	=2.6.31.12
Linux Linux kernel	=2.6.27.37
Linux Linux kernel	=2.6.18-rc4
Linux Linux kernel	=2.6.22.21
Linux Linux kernel	=2.6.23.7
Linux Linux kernel	=2.6.30-rc2
Linux Linux kernel	=2.6.17.8
Linux Linux kernel	=2.6.14.4
Linux Linux kernel	=2.6.14
Linux Linux kernel	=2.6.16.31--rc3
Linux Linux kernel	=2.6.25.5
Linux Linux kernel	=2.6.17.4
Linux Linux kernel	=2.6.16.18
Linux Linux kernel	=2.6.17.14
Linux Linux kernel	=2.6.10
Linux Linux kernel	=2.6.23.8
Linux Linux kernel	=2.6.27-rc6
Linux Linux kernel	=2.6.32.9
Linux Linux kernel	=2.6.16.45
Linux Linux kernel	=2.6.22.12
Linux Linux kernel	=2.6.25.18
Linux Linux kernel	=2.6.14.3
Linux Linux kernel	=2.6.34-rc2
Linux Linux kernel	=2.6.29
Linux Linux kernel	=2.6.24-rc3
Linux Linux kernel	=2.6.18.3
Linux Linux kernel	=2.6.16.37
Linux Linux kernel	=2.6.30-rc3
Linux Linux kernel	=2.6.11.6
Linux Linux kernel	=2.6.16.48
Linux Linux kernel	=2.6.11.11
Linux Linux kernel	=2.6.16.13
Linux Linux kernel	=2.6.27.10
Linux Linux kernel	=2.6.27-rc5
Linux Linux kernel	=2.6.3
Linux Linux kernel	=2.6.31.4
Linux Linux kernel	=2.6.32
Linux Linux kernel	=2.6.21.6
Linux Linux kernel	=2.6.26.6
Linux Linux kernel	=2.6.22.1
Linux Linux kernel	=2.6.16.4
Linux Linux kernel	=2.6.23.16
Linux Linux kernel	=2.6.31.6
Linux Linux kernel	=2.6.17.3
Linux Linux kernel	=2.6.31.10
Linux Linux kernel	=2.6.27-rc3
Linux Linux kernel	=2.6.24.1
Linux Linux kernel	=2.6.32.3
Linux Linux kernel	=2.6.20.5
Linux Linux kernel	=2.6.22
Linux Linux kernel	=2.6.28.4
Linux Linux kernel	=2.6.4
Linux Linux kernel	=2.6.26
Linux Linux kernel	=2.6.16.15
Linux Linux kernel	=2.6.27.20
Linux Linux kernel	=2.6.15.6
Linux Linux kernel	=2.6.24-rc5
Linux Linux kernel	=2.6.26.3
Linux Linux kernel	=2.6.20.16
Linux Linux kernel	=2.6.34-rc1
Linux Linux kernel	=2.6.15.1
Linux Linux kernel	=2.6.11.5
Linux Linux kernel	=2.6.28.2
Linux Linux kernel	=2.6.25.9
Linux Linux kernel	=2.6.19.3
Linux Linux kernel	=2.6.27
Linux Linux kernel	=2.6.19.4
Linux Linux kernel	=2.6.25.13
Linux Linux kernel	=2.6.28.5
Linux Linux kernel	=2.6.19.1
Linux Linux kernel	=2.6.18.4
Linux Linux kernel	=2.6.33-rc1
Linux Linux kernel	=2.6.16.1
Linux Linux kernel	=2.6.18.1
Linux Linux kernel	=2.6.20.21
Linux Linux kernel	=2.6.31-rc1
Linux Linux kernel	=2.6.27.33
Linux Linux kernel	=2.6.23.1
Linux Linux kernel	=2.6.2
Linux Linux kernel	=2.6.14.5
Linux Linux kernel	=2.6.13.2
Linux Linux kernel	=2.6.17.5
Linux Linux kernel	=2.6.24-rc4
Linux Linux kernel	=2.6.32-rc6
Linux Linux kernel	=2.6.18.5
Linux Linux kernel	=2.6.21.1
Linux Linux kernel	=2.6.16.32
Linux Linux kernel	=2.6.13.5
Linux Linux kernel	=2.6.16.57
Linux Linux kernel	=2.6.16.49
Linux Linux kernel	=2.6.25.3
Linux Linux kernel	=2.6.27.36
Linux Linux kernel	=2.6.17
Linux Linux kernel	=2.6.24
Linux Linux kernel	=2.6.31-rc6
Linux Linux kernel	=2.6.31.1
Linux Linux kernel	=2.6.19.2
Linux Linux kernel	=2.6.26.2
Linux Linux kernel	=2.6.21.4
Linux Linux kernel	=2.6.16.11
Linux Linux kernel	=2.6.20.17
Linux Linux kernel	=2.6.16.14
Linux Linux kernel	=2.6.33-rc2
Linux Linux kernel	=2.6.20.12
Linux Linux kernel	=2.6.16.25
Linux Linux kernel	=2.6.16.21
Linux Linux kernel	=2.6.16.33
Linux Linux kernel	=2.6.30.7
Linux Linux kernel	=2.6.8
Linux Linux kernel	=2.6.16.28
Linux Linux kernel	=2.6.17.10
Linux Linux kernel	=2.6.21.5
Linux Linux kernel	=2.6.25.15
Linux Linux kernel	=2.6.14.1
Linux Linux kernel	=2.6.28-rc5
Linux Linux kernel	=2.6.23.15
Linux Linux kernel	=2.6.16.23
Linux Linux kernel	=2.6.33.1
Linux Linux kernel	=2.6.29.4
Linux Linux kernel	=2.6.12.5
Linux Linux kernel	=2.6.15.7
Linux Linux kernel	=2.6.20
Linux Linux kernel	=2.6.23.10
Linux Linux kernel	=2.6.22.7
Linux Linux kernel	=2.6.27-rc7
Linux Linux kernel	=2.6.16.3
Linux Linux kernel	=2.6.27.8
Linux Linux kernel	=2.6.31.7
Linux Linux kernel	=2.6.24-rc1
Linux Linux kernel	=2.6.28-rc1
Linux Linux kernel	=2.6.26.1
Linux Linux kernel	=2.6.25.19
Linux Linux kernel	=2.6.20.20
Linux Linux kernel	=2.6.16.36
Linux Linux kernel	=2.6.30.8
Linux Linux kernel	=2.6.14.6
Linux Linux kernel	=2.6.12.1
Linux Linux kernel	=2.6.27.9
Linux Linux kernel	=2.6.11.9
Linux Linux kernel	=2.6.16.46
Linux Linux kernel	=2.6.17.1
Linux Linux kernel	=2.6.20.8
Linux Linux kernel	=2.6.30.9
Linux Linux kernel	=2.6.20.15
Linux Linux kernel	=2.6.22.18
Linux Linux kernel	=2.6.0
Linux Linux kernel	=2.6.25.8
Linux Linux kernel	=2.6.16.54
Linux Linux kernel	=2.6.32-rc4
Linux Linux kernel	=2.6.13.4
Linux Linux kernel	=2.6.22.20
Linux Linux kernel	=2.6.23-rc2
Linux Linux kernel	=2.6.20.18
Linux Linux kernel	=2.6.23.9
Linux Linux kernel	=2.6.22.6
Linux Linux kernel	=2.6.23.3
Linux Linux kernel	=2.6.18.8
Linux Linux kernel	=2.6.22.3
Linux Linux kernel	=2.6.12.2
Linux Linux kernel	=2.6.16.31
Linux Linux kernel	=2.6.30-rc5
Linux Linux kernel	=2.6.16.26
Linux Linux kernel	=2.6.29-rc2
Linux Linux kernel	=2.6.16.62
Linux Linux kernel	=2.6.18.2
Linux Linux kernel	=2.6.28.8
Linux Linux kernel	=2.6.31-rc5
Linux Linux kernel	=2.6.16.29
Linux Linux kernel	=2.6.29.1
Linux Linux kernel	=2.6.23-rc1
Linux Linux kernel	=2.6.24.4
Linux Linux kernel	=2.6.28-rc7
Linux Linux kernel	=2.6.27-rc8
Linux Linux kernel	=2.6.25.16
Linux Linux kernel	=2.6.16.31--rc5
Linux Linux kernel	=2.6.22.9
Linux Linux kernel	=2.6.25.17
Linux Linux kernel	=2.6.20.11
Linux Linux kernel	=2.6.32.6
Linux Linux kernel	=2.6.19
Linux Linux kernel	=2.6.20.3
Linux Linux kernel	=2.6.16
Linux Linux kernel	=2.6.30.4
Linux Linux kernel	=2.6.28.3
Linux Linux kernel	=2.6.22.13
Linux Linux kernel	=2.6.19.7
Linux Linux kernel	=2.6.21.3
Linux Linux kernel	=2.6.24.5
Linux Linux kernel	=2.6.16.51
Linux Linux kernel	=2.6.15.2
Linux Linux kernel	=2.6.20.19
Linux Linux kernel	=2.6.16.22
Linux Linux kernel	=2.6.22.17
Linux Linux kernel	=2.6.33-rc7
Linux Linux kernel	=2.6.16.58
Linux Linux kernel	=2.6.28-rc6
Linux Linux kernel	=2.6.16.40
Linux Linux kernel	=2.6.32-rc7
Linux Linux kernel	=2.6.27.35
Linux Linux kernel	=2.6.16.47
Linux Linux kernel	=2.6.16.42
Linux Linux kernel	=2.6.33-rc8
Linux Linux kernel	=2.6.27.22
Linux Linux kernel	=2.6.23.14
Linux Linux kernel	=2.6.17.11
Linux Linux kernel	=2.6.16.10
Linux Linux kernel	=2.6.12.4
Linux Linux kernel	=2.6.16.41
Linux Linux kernel	=2.6.16.52
Linux Linux kernel	=2.6.11.3
Linux Linux kernel	=2.6.20.10
Linux Linux kernel	=2.6.33-rc3
Linux Linux kernel	=2.6.16.24
Linux Linux kernel	=2.6.31-rc7
Linux Linux kernel	=2.6.25.10
Linux Linux kernel	=2.6.22.11
Linux Linux kernel	=2.6.16.55
Linux Linux kernel	=2.6.16.31--rc2
Linux Linux kernel	=2.6.23
Linux Linux kernel	=2.6.12.3
Linux Linux kernel	=2.6.22.10
Linux Linux kernel	=2.6.27-rc2
Linux Linux kernel	=2.6.29.6
Linux Linux kernel	=2.6.27-rc1
Linux Linux kernel	=2.6.23.17
Linux Linux kernel	=2.6.27.5
Linux Linux kernel	=2.6.29-rc2_git7
Linux Linux kernel	=2.6.23.2
Linux Linux kernel	=2.6.25.1
Linux Linux kernel	=2.6.25.4
Linux Linux kernel	=2.6.28.9
Linux Linux kernel	=2.6.30.2
Linux Linux kernel	=2.6.34-rc3
Linux Linux kernel	=2.6.7
Linux Linux kernel	=2.6.32.4
Linux Linux kernel	<=2.6.34
Linux Linux kernel	=2.6.21.7
Linux Linux kernel	=2.6.30.6
Linux Linux kernel	=2.6.16.30
Linux Linux kernel	=2.6.21.2
Linux Linux kernel	=2.6.15.4
Linux Linux kernel	=2.6.27.7
Linux Linux kernel	=2.6.16.59
Linux Linux kernel	=2.6.30.1
Linux Linux kernel	=2.6.16.38
Linux Linux kernel	=2.6.24-rc2
Linux Linux kernel	=2.6.16.17
Linux Linux kernel	=2.6.26.8
Linux Linux kernel	=2.6.20.2
Linux Linux kernel	=2.6.22.22
Linux Linux kernel	=2.6.28.6
Linux Linux kernel	=2.6.16.12
Linux Linux kernel	=2.6.29-rc1
Linux Linux kernel	=2.6.16.31--rc1
Linux Linux kernel	=2.6.31.5
Linux Linux kernel	=2.6.16.27
Linux Linux kernel	=2.6.16.53
Linux Linux kernel	=2.6.28.7
Linux Linux kernel	=2.6.18-rc7
Linux Linux kernel	=2.6.12.6
Linux Linux kernel	=2.6.31.11
Linux Linux kernel	=2.6.31-rc8
Linux Linux kernel	=2.6.17.7
Linux Linux kernel	=2.6.20.1
Linux Linux kernel	=2.6.11.7
Linux Linux kernel	=2.6.27-rc4
Linux Linux kernel	=2.6.16.2
Linux Linux kernel	=2.6.24.6
Linux Linux kernel	=2.6.28-rc3
Linux Linux kernel	=2.6.31-rc3
Linux Linux kernel	=2.6.18.6
Linux Linux kernel	=2.6.15
Linux Linux kernel	=2.6.16.44
Linux Linux kernel	=2.6.23.12
Linux Linux kernel	=2.6.16.35
Linux Linux kernel	=2.6.19.6
Linux Linux kernel	=2.6.16.50
Linux Linux kernel	=2.6.25.11
Linux Linux kernel	=2.6.33-rc4
Linux Linux kernel	=2.6.18-rc6
Linux Linux kernel	=2.6.29.2
Linux Linux kernel	=2.6.34-rc4
Linux Linux kernel	=2.6.23.5
Linux Linux kernel	=2.6.22.8
Linux Linux kernel	=2.6.14.2
Linux Linux kernel	=2.6.16.61
Linux Linux kernel	=2.6.32.7
Linux Linux kernel	=2.6.32.8
Linux Linux kernel	=2.6.31-rc2
Linux Linux kernel	=2.6.19.5
Linux Linux kernel	=2.6.18
Linux Linux kernel	=2.6.32.2
Linux Linux kernel	=2.6.27.24
Linux Linux kernel	=2.6.20.4
Linux Linux kernel	=2.6.17.6
Linux Linux kernel	=2.6.23.6
Linux Linux kernel	=2.6.16.7
Linux Linux kernel	=2.6.32.1
Linux Linux kernel	=2.6.17.13
Linux Linux kernel	=2.6.16.60
Linux Linux kernel	=2.6.22.2
Linux Linux kernel	=2.6.8.1
Linux Linux kernel	=2.6.27.11
Linux Linux kernel	=2.6.16.56
Linux Linux kernel	=2.6.28-rc2
Linux Linux kernel	=2.6.31.8
Linux Linux kernel	=2.6.22.19
Linux Linux kernel	=2.6.24.3
Linux Linux kernel	=2.6.31.2
Linux Linux kernel	=2.6.27-rc9
Linux Linux kernel	=2.6.30-rc6
Linux Linux kernel	=2.6.25
Linux Linux kernel	=2.6.32.10
Linux Linux kernel	=2.6.20.14
Linux Linux kernel	=2.6.25.2
Linux Linux kernel	=2.6.32-rc8
Linux Linux kernel	=2.6.22.5
Linux Linux kernel	=2.6.32-rc3
Linux Linux kernel	=2.6.25.7
Linux Linux kernel	=2.6.30.5
Linux Linux kernel	=2.6.25.14
Linux Linux kernel	=2.6.20.7
Linux Linux kernel	=2.6.28.1
Linux Linux kernel	=2.6.30-rc1
Linux Linux kernel	=2.6.16.5
Linux Linux kernel	=2.6.30
Linux Linux kernel	=2.6.11.4
Linux Linux kernel	=2.6.26.4
Linux Linux kernel	=2.6.25.12
Linux Linux kernel	=2.6.16.19
Linux Linux kernel	=2.6.27.6
Linux Linux kernel	=2.6.26.7
Linux Linux kernel	=2.6.29-git1
Linux Linux kernel	=2.6.25.6
Linux Linux kernel	=2.6.11.12
Linux Linux kernel	=2.6.16.20
Linux Linux kernel	=2.6.15.5
Linux Linux kernel	=2.6.30-rc7-git6
Linux Linux kernel	=2.6.28.10
Linux Linux kernel	=2.6.22.16
Linux Linux kernel	=2.6.11.1
Linux Linux kernel	=2.6.30.3
Linux Linux kernel	=2.6.33-rc5
Linux Linux kernel	=2.6.16.31--rc4
Linux Linux kernel	=2.6.18-rc1
Linux Linux kernel	=2.6.9
Linux Linux kernel	=2.6.27.23
Linux Linux kernel	=2.6.13.1
Linux Linux kernel	=2.6.23.11
Linux Linux kernel	=2.6.28
Linux Linux kernel	=2.6.29.5
Linux Linux kernel	=2.6.22.14
Linux Linux kernel	=2.6.6
Linux Linux kernel	=2.6.12
Linux Linux kernel	<2.6.34
Linux Linux kernel	=2.6.34-rc5
openSUSE openSUSE	=11.1
SUSE Linux Enterprise Desktop	=11
Suse Linux Enterprise High Availability Extension	=11
SUSE Linux Enterprise Server	=11
Debian Debian Linux	=5.0

CVE-2010-1437: Race Condition

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact