Linux Kernel prctl Core Dumpe Handling Local Privilege Escalation

2006-07-06T08:18:55
ID OSVDB:27030
Type osvdb
Reporter Red Hat, Inc.()
Modified 2006-07-06T08:18:55

Description

Vulnerability Description

Linux Kernel contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an error occurs during handling of core dumps by the 'prctl' function. This flaw may allow privilege escalation and lead to a loss of Integrity.

Solution Description

Upgrade to version 2.6.17.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Linux Kernel contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an error occurs during handling of core dumps by the 'prctl' function. This flaw may allow privilege escalation and lead to a loss of Integrity.

References:

Vendor Specific News/Changelog Entry: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.4 Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:20965 Secunia Advisory ID:20953 Secunia Advisory ID:20991 Secunia Advisory ID:21179 Secunia Advisory ID:21498 Secunia Advisory ID:20986 Secunia Advisory ID:21966 RedHat RHSA: RHSA-2006:0574 Other Advisory URL: https://issues.rpath.com/browse/RPL-488 Mail List Post: http://archives.neohapsis.com/archives/dailydave/2006-q3/0018.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0234.html Generic Exploit URL: http://www.rs-labs.com/exploitsntools/rs_prctl_kernel.c FrSIRT Advisory: ADV-2006-2699 CVE-2006-2451