Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 610802 (CVE-2017-2616)

Summary: [TRACKER] su: user can send SIGKILL with root privileges to other processes (CVE-2017-2616)
Product: Gentoo Security Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal Keywords: Tracker
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 610664, 610804    
Bug Blocks:    

Description Thomas Deutschmann (RETIRED) gentoo-dev 2017-02-24 12:24:03 UTC 
If su is compiled with PAM support, it is possible for any local user to send SIGKILL to other processes with root privileges. To exploit this, the user must be able to perform su with a successful login. This does NOT have to be the root user, even using su with the same id is enough, e.g. "su $(whoami)". SIGKILL can only be sent to processes which were executed after the su process. It is not possible to send SIGKILL to processes which were already running.