Secunia

Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and potentially gain escalated privileges.

1) A vulnerability is caused due to the "do_pages_move()" function in mm/migrate.c not properly verifying the node values received from userspace, which can be exploited to cause a crash or disclose memory via a specially crafted "move_pages" system call.

2) A vulnerability is caused due to a NULL pointer dereference error within the "wake_futex_pi()" function in kernel/futex.c, which can be exploited to cause a crash and potentially gain escalated privileges.

3) A futex key reference counting error within the "futex_lock_pi()" function in kernel/futex.c can be exploited to cause a kernel crash by e.g. unmounting an ext3 file system with a futex created in a temporary file.

Solution
Update to version 2.6.32.9.

Provided and/or discovered by
1) Ramon de Carvalho Valle
2) Disclosed in a GIT commit.
3) Mikael Pettersson

Changelog
Further details available in Customer Area

Original Advisory
1) http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0
2) http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=51246bfd189064079c54421507236fd2723b18f3
3) http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5ecb01cfdf96c5f465192bdb2a4fd4a61a24c6cc

Deep Links
Links available in Customer Area