[<prev] [next>] [thread-next>] [month] [year] [list]
Date: Thu, 26 Jun 2008 16:53:38 +0200
From: Jan Lieskovsky <jlieskov@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2008-2365 kernel: ptrace: Crash on PTRACE_{ATTACH,DETACH} race
-- affecting kernel versions <= 2.6.25
Hello guys,
wanted to inform you about recently discovered utrace/ptrace
attach and detach race condition affecting Linux kernel from versions
2.6.9 up to the upstream one (< 2.6.25).
The upstream Linux kernel version got already patched with the following
three patches, which resolve this issue:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commit;h=5ecfbae093f0c37311e89b29bfc0c9d586eace87
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commit;h=f5b40e363ad6041a96e3da32281d8faa191597b9
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commit;h=f358166a9405e4f1d8e50d8f415c26d95505b6de
More 2.6.9 kernel version specific details about this issue
can be found at:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2365
To resolve this issue on the 2.6.9 version of the Linux kernel,
you will need to backport the above upstream patches.
There is also testcase available to reproduce this issue at:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/~checkout~/tests/ptrace-tests/tests/late-ptrace-may-attach-check.c?cvsroot=systemtap
This works for both utrace (2.6.9) and ptrace (not patched upstream)
*trace call versions.
Please use CVE-2008-2365 identifier, for future references to this
issue.
If you are shipping kernel versions < 2.6.25, you are encouraged
to fix this issue.
Let me know, if you would need any further details about this issue
and ways, how to reproduce it.
Kind regards
Jan iankko Lieskovsky
RH Security Response Team
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux