Pinkie Pie discovered an issue in the futex subsystem that
allows a local user to gain ring 0 control via the futex syscall. An
unprivileged user could use this flaw to crash the kernel (resulting in
denial of service) or for privilege escalation.
The restore_fpu_checking function in
arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the
AMD K7 and K8 platforms does not clear pending exceptions before proceeding
to an EMMS instruction, which allows local users to cause a denial of
service (task kill) or possibly gain privileges via a crafted application.
For Debian 6 Squeeze, these issues have been fixed in linux-2.6 version 2.6.32-48squeeze7