Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Linux kernel security hardening Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Tue, 11 Aug 2009 11:17:12 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>, Kees Cook <kees@...ntu.com>
Subject: CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid
 ELF loading

Steve Beattie and Kees Cook noticed that the /proc/$pid/maps and smaps
files are readable during ELF loading for processes that a user should
not normally be able to see (for example, when launching a setuid process).

I have assigned this with CVE-2009-2691.

Upstream commits:
http://git.kernel.org/linus/13f0feafa6b8aead57a2a328e2fca6a5828bf286
http://git.kernel.org/linus/00f89d218523b9bf6b522349c039d5ac80aa536d
http://git.kernel.org/linus/704b836cbf19e885f8366bccb2e4b0474346c02d

References:
http://lkml.org/lkml/2009/6/23/652
http://lkml.org/lkml/2009/6/23/653
http://marc.info/?l=linux-kernel&m=124718946021193
http://marc.info/?l=linux-kernel&m=124718949821250
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2691

Thanks, Eugene

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ