Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 610802 (CVE-2017-2616) - [TRACKER] su: user can send SIGKILL with root privileges to other processes (CVE-2017-2616)
Summary: [TRACKER] su: user can send SIGKILL with root privileges to other processes (...
Status: RESOLVED FIXED
Alias: CVE-2017-2616
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords: Tracker
Depends on: 610664 610804
Blocks:
  Show dependency tree
 
Reported: 2017-02-24 12:24 UTC by Thomas Deutschmann (RETIRED)
Modified: 2017-07-15 22:59 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann (RETIRED) gentoo-dev 2017-02-24 12:24:03 UTC
If su is compiled with PAM support, it is possible for any local user to send SIGKILL to other processes with root privileges. To exploit this, the user must be able to perform su with a successful login. This does NOT have to be the root user, even using su with the same id is enough, e.g. "su $(whoami)". SIGKILL can only be sent to processes which were executed after the su process. It is not possible to send SIGKILL to processes which were already running.