[linux-source] missing access checks, possible local root exploit
Bug #191208 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-meta (Ubuntu) |
Invalid
|
Undecided
|
Kees Cook |
Bug Description
Binary package hint: linux-source
References:
DSA-1494-1 (http://
Quoting:
"The vmsplice system call did not properly verify address arguments
passed by user space processes, which allowed local attackers to
overwrite arbitrary kernel memory, gaining root privileges
(CVE-2008-0010, CVE-2008-0600).
In the vserver-enabled kernels, a missing access check on certain
symlinks in /proc enabled local attackers to access resources in other
vservers (CVE-2008-0163)."
CVE References
To post a comment you must log in.
See also: www.mandriva. com/en/ security/ advisories? name=MDVSA- 2008:043)
MDVSA-2008:043 (http://
"A flaw in the vmsplice system call did not properly verify address
arguments passed by user-space processes, which allowed local attackers
to overwrite arbitrary kernel memory and gain root privileges.
Mandriva urges all users to upgrade to these new kernels immediately
as this flaw is being actively exploited. This issue only affects
2.6.17 and newer Linux kernels, [...]"
And: lists.opensuse. org/opensuse- security- announce/ 2008-02/ msg00004. html
http://
"Hi folks,
As you are undoubtly aware a new local root exploit has been
discovered on the weekend and reported to a wide audience.
The CVE identifier is CVE-2008-0600.
The problem affects only kernels 2.6.17 and newer, so it affects
only following of our products:
- openSUSE 10.2 (2.6.18.x kernel)
- openSUSE 10.3 (2.6.22.x kernel)"