Maker tech hub — AI · 3D print · Pi · ESP32 · plus the classic tech archive.

Free ESP32 kit · Books · Network Ninja · Archive

Classic tech archive. From the original averyjparker.com tech blog — historical context; pair with modern guides where noted. Full archive · Maker projects · Network Ninja

Classic tip · Linux

Linux Kernel ptrace local DoS vulnerability

There's a local Denial of Service vulnerability in the linux kernel's ptrace function according to secunia.com. It reportedly is present in kernel's prior to 2.6.14.2 and is listed as a non-critical …

Written by

Avery J. Parker

IT veteran, maker educator, and author of Network Ninja, 3D Printing Mastery, and AI Workflow Mastery. Business IT: Diversified Tech Solutions.

There's a local Denial of Service vulnerability in the linux kernel's ptrace function according to secunia.com. It reportedly is present in kernel's prior to 2.6.14.2 and is listed as a non-critical vulnerability. (However any security vulnerability should be treated seriously.) 2.6.14.2 is safe and fixes the vulnerability. The vuln was reported "by the vendor", in this case, the linux kernel devel team. From the advisory.
The vulnerability is caused due to a missing check of the thread's group ID in ptrace.c when trying to determine whether the process is attempting to attach to itself when CLONE_THREAD is used. This may be exploited to cause a kernel crash.