Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 139668 - Bump req: vanilla-sources to
Summary: Bump req: vanilla-sources to
Status: RESOLVED DUPLICATE of bug 139475
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Linux bug wranglers
Depends on:
Reported: 2006-07-08 07:41 UTC by Kelly Price
Modified: 2006-07-08 07:52 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Kelly Price 2006-07-08 07:41:05 UTC
Bump request -- fixes a bug in core dumping that could give a local user a privlage escalation.

From the changelogs:

commit 4f9619cdd90ac846fa0ca6e9e8a9d87a0d6b4f57
Author: Greg Kroah-Hartman <>
Date:   Thu Jul 6 13:02:28 2006 -0700


commit 0af184bb9f80edfbb94de46cb52e9592e5a547b0
Author: Greg Kroah-Hartman <>
Date:   Thu Jul 6 13:02:05 2006 -0700

    fix prctl privilege escalation and suid_dumpable (CVE-2006-2451)
    Based on a patch from Ernie Petrides
    During security research, Red Hat discovered a behavioral flaw in core
    dump handling. A local user could create a program that would cause a
    core file to be dumped into a directory they would not normally have
    permissions to write to. This could lead to a denial of service (disk
    consumption), or allow the local user to gain root privileges.
    Signed-off-by: Greg Kroah-Hartman <>
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2006-07-08 07:52:15 UTC

*** This bug has been marked as a duplicate of 139475 ***