A flaw allowing user code to execute in kernel context was found and fixed in the futex system call
A use-after-free of stack memory was found and fixed in the implementation of the futex (fast userspace mutex) system call. The flaw allowed an attacker to execute their own code in the context of the kernel, with all the security consequences that follow from that. The vulnerability was in the error-handling code. A fix for this vulnerability appeared in the Linux mainline on January 28 and […]