Linux kernel built for the ARM(CONFIG_ARM/CONFIG_ARM64) platforms along with the hardware performance counter support(CONFIG_HW_PERF_EVENTS) is vulnerable to a NULL pointer dereference flaw. This could lead to the kernel crash resulting in DoS or potential privilege escalation to gain root privileges by a non-root user. An unprivileged user/program could use this flaw to crash the kernel resulting in DoS or potential privilege escalation to gain root access to a machine. Upstream fix: ------------- -> https://lkml.org/lkml/2013/8/7/259 Reference: ---------- -> http://seclists.org/oss-sec/2013/q3/381
Statement: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 998881]
A better pointer to the fix is probably this: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/arm/kernel/perf_event.c?id=c95eb3184ea1a3a2551df57190c81da695e2144b
kernel-3.10.9-100.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.10.9-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.