Hide Forgot
A malicious user who can run an arbitrary image with a non-privileged user in a Container-as-a-service cloud environment could use the exploit to deadlock the container nodes to deny the service for other users. This is confirmed to affect the latest mainline kernel (4.9-rc3) using this kernel config, http://people.redhat.com/qcai/tmp/config-god-4.9rc2 and as old as v3.17. RHEL 7.3 kernel is not affected. References: http://seclists.org/oss-sec/2016/q4/340
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1392440]
Upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93362fa47fe98b62e4a34ab408c4a418432e7939