Linux Kernel ptrace local DoS vulnerability



There’s a local Denial of Service vulnerability in the linux kernel’s ptrace function according to secunia.com. It reportedly is present in kernel’s prior to 2.6.14.2 and is listed as a non-critical vulnerability. (However any security vulnerability should be treated seriously.) 2.6.14.2 is safe and fixes the vulnerability. The vuln was reported “by the vendor”, in this case, the linux kernel devel team.


From the advisory.

The vulnerability is caused due to a missing check of the thread’s group ID in ptrace.c when trying to determine whether the process is attempting to attach to itself when CLONE_THREAD is used. This may be exploited to cause a kernel crash.

Related Posts

Blog Traffic Exchange Related Posts
  • More linux software raid fun OK, I know there are probably quite a few looking at this thinking.... "Hello where has he been?" when I'm talking about playing around with software raid under ubuntu linux, but.... in spite of all I've done supporting desktop systems and even small business servers I've never had an opportunity......
  • Firefox vulnerabilities and 1.5 Release Candidate I know there's been at least one and probably a couple of Mozilla Firefox vulnerabilities announced in the last month or so. There are currently (according to Secunia) 3 unpatched Firefox vulnerabilities. The secunia page for firefox has the details. There are two vulnerabilites for which there is a workaround......
  • Google Picasa for Linux One of the big stories out today... Google has released an "early beta" version of Picasa for linux. I first saw the news from the ZDNet Googling Google blog. There are deb, rpm and bin downloads available. The Official Google blog gives a few more details, for instance... this "magic"......
Blog Traffic Exchange Related Websites
  • Stock Assault 2.0 AI Software - 60% Commission, 17% Conversion Rate Once your copy of Stock Assault 2.0 picks a stock, you can also research the stock using the built-in features such as charting if you wish.Real day traders and professional traders do just that, hence the name "day" traders.But we'll guarantee that you'll barely make any money after a year......
  • Hard Drive Data Recovery Software Some people think that hard drive data recovery can be really difficult. Because of the reliable software tools that are available on the market today, it is possible to recover data even if they are already deleted. Usually, people accidentally deletes file on their computers and some of them......
  • An Exercise Plan Everyone Can Enjoy Can exercise really be fun? The answer is yes – if you go about it the right way. There are many different motivational books about exercise and the main component is usually that group exercise is the most effective. If you have been thinking about getting fit, why not help......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site