logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2009-1338

Description

The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command. #### Notes Author| Note ---|--- [smb](<https://launchpad.net/~smb>) | Dapper has no pid_namespace.


Affected Package


OS OS Version Package Name Package Version
ubuntu 08.04 linux 2.6.24-24.55
ubuntu 08.10 linux 2.6.27-12.28
ubuntu upstream linux any
ubuntu upstream linux-source-2.6.15 any

Related