Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [month] [year] [list] 
Date: Mon, 04 May 2009 12:31:02 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE request: kernel: ptrace_attach: fix the usage of ->cred_exec_mutex

This vulnerability was introduced in commit d84f4f99 ("CRED: Inaugurate
COW credentials"), and was fixed in commit cad81bc2 ("ptrace:
ptrace_attach: fix the usage of ->cred_exec_mutex").

It affects kernel 2.6.29.

The patch ensured that both ptrace_attach() and the tracee are
serialised by the tracee's cred_exec_mutex. If not, the race can be
exploited by calling ptrace(PTRACE_ATTACH) to the task in the middle of
exec(setuid_application). This could result in a local privilege escalation.

Thanks, Eugene

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ