Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 140303 - sys-kernel/xen-sources revision bump to fix security bug Privilege escalation through prctl() and suid_dumpable (CVE-2006-2451)
Summary: sys-kernel/xen-sources revision bump to fix security bug Privilege escalation...
Status: RESOLVED DUPLICATE of bug 139475
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High critical (vote)
Assignee: Gentoo Security
URL: http://lists.xensource.com/archives/h...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-07-13 23:41 UTC by Tuan Van (RETIRED)
Modified: 2006-07-14 02:01 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
patch against xen-sources-2.6.16.18.patch ebuild (xen-sources-2.6.16.18.patch,724 bytes, patch)
2006-07-13 23:44 UTC, Tuan Van (RETIRED) 		no flags Details | Diff
files/xen-sources-2.6.16.18-CVE-2006-2451.patch (xen-sources-2.6.16.18-CVE-2006-2451.patch,397 bytes, patch)
2006-07-13 23:46 UTC, Tuan Van (RETIRED) 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tuan Van (RETIRED) gentoo-dev 2006-07-13 23:41:09 UTC 
I rate this critical some people got owned by this bug.
Patches to follow.
Comment 1 Tuan Van (RETIRED) gentoo-dev 2006-07-13 23:44:15 UTC 
Created attachment 91683 [details, diff]
patch against xen-sources-2.6.16.18.patch ebuild
Comment 2 Tuan Van (RETIRED) gentoo-dev 2006-07-13 23:46:05 UTC 
Created attachment 91684 [details, diff]
files/xen-sources-2.6.16.18-CVE-2006-2451.patch

patch taken from http://lists.xensource.com/archives/html/xen-devel/2006-07/msg00425.html
Comment 3 Tim Yamin (RETIRED) gentoo-dev 2006-07-14 02:01:05 UTC 
Duping against the main bug; this is fixed in 2.6.16.24 to which xen-sources should be updated instead.

*** This bug has been marked as a duplicate of 139475 ***