Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 12 Mar 2010 14:32:49 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: coley@...us.mitre.org
Subject: CVE-2010-0729 kernel: ia64: ptrace: peek_or_poke requests miss ptrace_check_attach()

The "ia64: fix deadlock in ia64 sys_ptrace" patch (no reference as it's 
only added in our shipped kernels) moved ptrace_check_attach() from 
find_thread_for_addr() to tasklist-is-not-held area. However it 
introduced other problems.

One of the problems is security-relevant. In certain code path, it is 
possible that ptrace_check_attach() is not called, and the user can do 
ptrace() on any target even without PTRACH_ATTACH.

This only affects Red Hat Enterprise Linux 4.

https://bugzilla.redhat.com/CVE-2010-0729

Thanks, Eugene


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ