Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 11 Mar 2009 08:34:24 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE-2009-0028 Linux kernel minor signal handling vulnerability

Reported by Chris Evans:
It's a relatively minor signal issue where a child can send its parent 
process an arbitrary signal, even if the parent has a totally separate 
real and effective user id. This could be a nuisance in the case where 
long-running root daemons spawn direct child processes owned by 
untrusted users [*]. There may even be worse consequences if privileged 
processes have weak signal handling code for signals not normally 
triggerable by untrusted users.

This is fixed in upstream kernel - 2d5516cbb9d

References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0028
http://scary.beasts.org/security/CESA-2009-002.html
http://scarybeastsecurity.blogspot.com/2009/02/linux-kernel-minor-signal-vulnerability.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2d5516cbb9daf7d0e342a2e3b0fc6f8c39a81205

Thanks, Eugene
-- 
Eugene Teo / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ