| Summary: | sys-process/procps: process hiding through race condition | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Christopher Díaz Riveros (RETIRED) <chrisadr> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | | |
| Severity: | normal | CC: | base-system, drobbins |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://nvd.nist.gov/vuln/detail/CVE-2018-1121 | | |
| Whiteboard: | A4 [upstream cve] | | |
| Package list: | | Runtime testing required: | --- |
Description
Christopher Díaz Riveros (RETIRED)
2018-10-15 16:10:32 UTC
Please note that GLSA 201805-14 gives the incorrect impression that following the steps in this GLSA will result in CVE-2018-1121 being addressed, when it hasn't been yet.

(In reply to Daniel Robbins from comment #1)
> Please note that GLSA 201805-14 gives the incorrect impression that
> following the steps in this GLSA will result in CVE-2018-1121 being
> addressed, when it hasn't
> been yet.

Fixed in GLSA 201805-14.

RedHat seems to believe this is invalid,

"The /proc filesystem is not a reliable mechanism to account for processes running on a system, as it is unable to offer snapshot semantics. Short-lived processes have always been able to escape detection by tools that monitor /proc. This CVE simply identifies a reliable way to do so using inotify. Process accounting for security purposes, or with a requirement to record very short-running processes and those attempting to evade detection, should be performed with more robust methods such as auditd(8) (the Linux Audit Daemon) or systemtap."

Any objection to us marking invalid as well?
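
The Red Hat statement quoted above recommends auditd for accounting of short-lived processes. As an added example (not part of this bug thread and not code from auditd or procps), the Python below rebuilds one record per execve call from audit log lines, which the kernel emits for each execve syscall and which therefore do not depend on the process still being visible in /proc. The log lines, the key name `exec_log` and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed, abridged sample in auditd's log format, as an execve rule such as
#   -a always,exit -F arch=b64 -S execve -k exec_log
# would produce it. The key name, PIDs and timestamps are made up.
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1539619832.101:4711): arch=c000003e syscall=59 success=yes exit=0 ppid=1200 pid=1301 uid=1000 comm="true" exe="/bin/true" key="exec_log"
type=EXECVE msg=audit(1539619832.101:4711): argc=1 a0="true"
type=SYSCALL msg=audit(1539619832.105:4712): arch=c000003e syscall=59 success=yes exit=0 ppid=1200 pid=1302 uid=0 comm="sh" exe="/bin/sh" key="exec_log"
type=EXECVE msg=audit(1539619832.105:4712): argc=3 a0="sh" a1="-c" a2=6563686F206869
type=SYSCALL msg=audit(1539619832.200:4713): arch=c000003e syscall=59 success=no exit=-13 ppid=1200 pid=1303 uid=1000 comm="bash" exe="/bin/bash" key="exec_log"
"""

HEADER = re.compile(r"^type=(\w+) msg=audit\((\d+\.\d+):(\d+)\): (.*)$")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def decode(value):
    """auditd quotes plain strings and hex-encodes ones containing spaces,
    quotes or non-printable bytes."""
    if value.startswith('"'):
        return value[1:-1]
    try:
        return bytes.fromhex(value).decode("utf-8", "replace")
    except ValueError:
        return value

def exec_events(log_text):
    """Join SYSCALL and EXECVE records by event id into one dict per execve call."""
    events = defaultdict(dict)
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue
        rtype, ts, serial, body = m.groups()
        fields = dict(FIELD.findall(body))
        ev = events[(float(ts), int(serial))]
        # syscall 59 is execve on x86_64 (arch=c000003e); other arches differ.
        if rtype == "SYSCALL" and fields.get("syscall") == "59":
            ev.update(time=float(ts), pid=int(fields["pid"]), ppid=int(fields["ppid"]),
                      uid=int(fields["uid"]), exe=decode(fields["exe"]),
                      success=fields.get("success") == "yes")
        elif rtype == "EXECVE":
            # Arguments that auditd splits as a0[0], a0[1], ... are not reassembled.
            ev["argv"] = [decode(fields.get(f"a{i}", "")) for i in range(int(fields["argc"]))]
    # A failed execve has no EXECVE record here, so argv defaults to an empty list.
    return [{"argv": [], **ev} for _, ev in sorted(events.items()) if "pid" in ev]

if __name__ == "__main__":
    for ev in exec_events(SAMPLE_LOG):
        print(ev["time"], ev["pid"], ev["uid"], ev["exe"], ev["argv"], ev["success"])
```
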