Published: 04 January 2012
The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.
From the Ubuntu security team
A flaw was found in how the linux kernel handles user-space held futexs. An unprivileged user could exploit this flaw to cause a denial of service or possibly elevate privileges.