| commit | 9e4e45f19bdd41b4091e5fe556f816f4046c7598 | |
| author | Greg Kroah-Hartman <gregkh@suse.de> | |
| Thu, 6 Jul 2006 20:05:42 +0000 (6 13:05 -0700) | ||
| committer | Greg Kroah-Hartman <gregkh@suse.de> | |
| Thu, 6 Jul 2006 20:05:42 +0000 (6 13:05 -0700) | ||
| tree | 532a3c15aa1810ae15547cfd9f15cd84bcd2dfb0 | treesnapshot (tar.gz zip) |
| parent | 2bd44a13c95e870c64ff0e3c22b5d727eb6627ea | commitdiff |
fix prctl privilege escalation and suid_dumpable (CVE-2006-2451)
Based on a patch from Ernie Petrides
During security research, Red Hat discovered a behavioral flaw in core
dump handling. A local user could create a program that would cause a
core file to be dumped into a directory they would not normally have
permissions to write to. This could lead to a denial of service (disk
consumption), or allow the local user to gain root privileges.
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Based on a patch from Ernie Petrides
During security research, Red Hat discovered a behavioral flaw in core
dump handling. A local user could create a program that would cause a
core file to be dumped into a directory they would not normally have
permissions to write to. This could lead to a denial of service (disk
consumption), or allow the local user to gain root privileges.
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| kernel/sys.c | diffblobblamehistory |