Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 26 Jun 2008 16:53:38 +0200
From: Jan Lieskovsky <>
Subject: CVE-2008-2365 kernel: ptrace: Crash on PTRACE_{ATTACH,DETACH} race
	-- affecting kernel versions <= 2.6.25

Hello guys,

  wanted to inform you about recently discovered utrace/ptrace
attach and detach race condition affecting Linux kernel from versions
2.6.9 up to the upstream one (< 2.6.25).
The upstream Linux kernel version got already patched with the following
three patches, which resolve this issue:;a=commit;h=5ecfbae093f0c37311e89b29bfc0c9d586eace87;a=commit;h=f5b40e363ad6041a96e3da32281d8faa191597b9;a=commit;h=f358166a9405e4f1d8e50d8f415c26d95505b6de

More 2.6.9 kernel version specific details about this issue
can be found at:

To resolve this issue on the 2.6.9 version of the Linux kernel,
you will need to backport the above upstream patches.

There is also testcase available to reproduce this issue at:

This works for both utrace (2.6.9) and ptrace (not patched upstream) 
*trace call versions.

Please use CVE-2008-2365 identifier, for future references to this

If you are shipping kernel versions < 2.6.25, you are encouraged
to fix this issue.

Let me know, if you would need any further details about this issue
and ways, how to reproduce it. 

Kind regards
Jan iankko Lieskovsky
RH Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.