Date: Fri, 12 Mar 2010 14:32:49 +0800 From: Eugene Teo <eugeneteo@...nel.sg> To: oss-security@...ts.openwall.com CC: coley@...us.mitre.org Subject: CVE-2010-0729 kernel: ia64: ptrace: peek_or_poke requests miss ptrace_check_attach() The "ia64: fix deadlock in ia64 sys_ptrace" patch (no reference as it's only added in our shipped kernels) moved ptrace_check_attach() from find_thread_for_addr() to tasklist-is-not-held area. However it introduced other problems. One of the problems is security-relevant. In certain code path, it is possible that ptrace_check_attach() is not called, and the user can do ptrace() on any target even without PTRACH_ATTACH. This only affects Red Hat Enterprise Linux 4. https://bugzilla.redhat.com/CVE-2010-0729 Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ