Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 23 Feb 2017 08:46:30 +0100
From: Marcus Meissner <meissner@...e.de>
To: OSS Security List <oss-security@...ts.openwall.com>
Subject: util-linux 2.29.2 fixes CVE-2017-2616

Hi,

util-linux 2.29.2 fixes CVE-2017-2616, a race condition which allowed local users
to kill other processes.

https://www.kernel.org/pub/linux/utils/util-linux/v2.29/v2.29.2-ReleaseNotes

"
  It is possible for any local user to send SIGKILL to other processes with root
  privileges.  To exploit this, the user must be able to perform su with a
  successful login.  SIGKILL can only be sent to processes which were executed
  after the su process.  It is not possible to send SIGKILL to processes which
  were already running.
"

Root cause of the flaw that a regular exit of the child process and the su ctrl-c kill of the
child PID could race and so you would be able to later started process with this specific PID.

The fix is here:
https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ