Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
Bump request -- 2.6.17.4 fixes a bug in core dumping that could give a local user a privlage escalation. From the changelogs: commit 4f9619cdd90ac846fa0ca6e9e8a9d87a0d6b4f57 Author: Greg Kroah-Hartman <gregkh@suse.de> Date: Thu Jul 6 13:02:28 2006 -0700 Linux 2.6.17.4 commit 0af184bb9f80edfbb94de46cb52e9592e5a547b0 Author: Greg Kroah-Hartman <gregkh@suse.de> Date: Thu Jul 6 13:02:05 2006 -0700 fix prctl privilege escalation and suid_dumpable (CVE-2006-2451) Based on a patch from Ernie Petrides During security research, Red Hat discovered a behavioral flaw in core dump handling. A local user could create a program that would cause a core file to be dumped into a directory they would not normally have permissions to write to. This could lead to a denial of service (disk consumption), or allow the local user to gain root privileges. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
*** This bug has been marked as a duplicate of 139475 ***
