Red Hat Bugzilla – Bug 582076
CVE-2010-1162 kernel: tty: release_one_tty() forgets to put pids
Last modified: 2016-03-29 06:15:20 EDT
Description of problem:
release_one_tty(tty) can be called when tty still has a reference to pgrp/session. In this case we leak the pid.
pgrp member in struct tty_struct was converted to struct pid in commit ab521dc0, so kernels of version v2.6.21-rc1 and above are affected by this. mrg-1 backported this patch.
This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and 5 as they did not include upstream commit ab521dc0 that introduced the problem. This issue was addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0631.html.
This issue has been addressed in following products:
MRG for RHEL-5
Via RHSA-2010:0631 https://rhn.redhat.com/errata/RHSA-2010-0631.html
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see firstname.lastname@example.org with any questions