Linode Forum
Linode Community Forums
Posted: Thu Jul 13, 2006 11:44 pm
Linode Staff
Joined: Tue Apr 15, 2003 6:24 pm
Posts: 3090
Website: http://www.linode.com/
Location: Galloway, NJ
This kernel contains the fix for CVE-2006-2451. No other config changes from the linode21 kernel.

Quote:
CVE-2006-2451:

The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.

Code:
commit 4f9619cdd90ac846fa0ca6e9e8a9d87a0d6b4f57
Author: Greg Kroah-Hartman <gregkh@suse.de>
Date:   Thu Jul 6 13:02:28 2006 -0700

    Linux 2.6.17.4

commit 0af184bb9f80edfbb94de46cb52e9592e5a547b0
Author: Greg Kroah-Hartman <gregkh@suse.de>
Date:   Thu Jul 6 13:02:05 2006 -0700

    fix prctl privilege escalation and suid_dumpable (CVE-2006-2451)
   
    Based on a patch from Ernie Petrides
   
    During security research, Red Hat discovered a behavioral flaw in core
    dump handling. A local user could create a program that would cause a
    core file to be dumped into a directory they would not normally have
    permissions to write to. This could lead to a denial of service (disk
    consumption), or allow the local user to gain root privileges.
   
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

-Chris
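
An added example, not part of the original post or of the kernel patch: a Python check of whether a `uname -r` release string falls inside the affected range given in the CVE text quoted above. The function names and the sample release strings are constructed for illustration.

```python
import platform
import re

# Boundaries taken from the CVE-2006-2451 description quoted in the post.
FIRST_AFFECTED = (2, 6, 13, 0)   # suid_dumpable support appears in 2.6.13
FIX_STABLE_16 = (2, 6, 16, 24)   # fix for the 2.6.16.y series
FIX_MAINLINE = (2, 6, 17, 4)     # fix for every other affected release


def parse_release(release):
    """Turn a release string such as '2.6.16.23-example' into a 4-tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError("unrecognised kernel release: %r" % release)
    # A missing fourth component (e.g. '2.6.15') counts as .0
    return tuple(int(g or 0) for g in m.groups())


def affected(release):
    """True if the release lies in the range the CVE text describes."""
    v = parse_release(release)
    if v < FIRST_AFFECTED:
        return False              # predates suid_dumpable support
    if v[:3] == (2, 6, 16):
        return v < FIX_STABLE_16  # 2.6.16.y has its own fixed release
    return v < FIX_MAINLINE


def suid_dumpable_setting(path="/proc/sys/fs/suid_dumpable"):
    """Return the current fs.suid_dumpable value, or None if unavailable."""
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return None


if __name__ == "__main__":
    running = platform.release()
    print("kernel release:", running)
    try:
        print("in CVE-2006-2451 affected range:", affected(running))
    except ValueError as exc:
        print("could not evaluate:", exc)
    print("fs.suid_dumpable:", suid_dumpable_setting())
```

Distribution kernels often backport fixes without changing the upstream version number, so a positive result here is a prompt to check the vendor changelog rather than a final verdict.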

