From: Gabor MICSKO <gmicsko@szintezis.hu>
To: Marcel Holtmann <marcel@holtmann.org>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Fix prctl privilege escalation (CVE-2006-2451)
Date: Wed, 12 Jul 2006 18:04:18 +0200
Message-ID: <1152720258.4457.7.camel@localhost.localdomain>
In-Reply-To: <1152702720.14173.9.camel@localhost>
Already fixed since 07/06/2006:
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.17.y.git;a=commit;h=0af184bb9f80edfbb94de46cb52e9592e5a547b0
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.17.y.git;a=commitdiff;h=0af184bb9f80edfbb94de46cb52e9592e5a547b0;hp=52cbb7b78994ea3799f1bbb8c03bce1e2f72a271
On Wed, 2006-07-12 at 13:12 +0200, Marcel Holtmann wrote:
> Hi Linus,
>
> attached is the fix with full explanation for CVE-2006-2451. It fixes a
> possible privilege escalation through the prctl() system call.
>
> I also put Michael Kerrisk on CC, because the manual page of prctl()
> needs adjustment. The value 2 for the PR_SET_DUMPABLE flag is no longer
> valid after this patch. The only way to get root-owned core dumps is
> through /proc/sys/fs/suid_dumpable and the manual page should reflect
> that.
>
> Regards
>
> Marcel
--
Micskó Gábor
HP APS, AIS, ASE
Szintézis ZRt.
H-9023 Győr, Tihanyi Á. u. 2.
Tel: +36 96 502 216
Fax: +36 96 318 658
E-mail: gmicsko@szintezis.hu
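
A check for the behaviour the quoted message describes, as an added example that is not part of this thread or of the kernel patch: it probes whether the running kernel still accepts the value 2 for PR_SET_DUMPABLE and reads the system-wide /proc/sys/fs/suid_dumpable setting. The function names are hypothetical, and the example assumes a fixed kernel rejects the value with EINVAL.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>

/* Returns 1 if prctl(PR_SET_DUMPABLE, 2) is rejected with EINVAL (assumed
 * behaviour of a fixed kernel), 0 if the kernel accepts the value, and -1 on
 * any other error. The caller's dumpable flag is left as it was found. */
int dumpable2_rejected(void)
{
    int saved = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
    if (saved < 0)
        return -1;

    errno = 0;
    int rc = prctl(PR_SET_DUMPABLE, 2, 0, 0, 0);
    int err = errno;

    if (rc == 0) {
        /* Kernel accepted 2: undo the probe before reporting it. */
        prctl(PR_SET_DUMPABLE, saved, 0, 0, 0);
        return 0;
    }
    return err == EINVAL ? 1 : -1;
}

/* Returns the value in /proc/sys/fs/suid_dumpable (0, 1 or 2), or -1 if the
 * file cannot be read or parsed. */
int read_suid_dumpable(void)
{
    FILE *f = fopen("/proc/sys/fs/suid_dumpable", "r");
    int value = -1;

    if (f == NULL)
        return -1;
    if (fscanf(f, "%d", &value) != 1)
        value = -1;
    fclose(f);
    return value;
}

int main(void)
{
    printf("PR_SET_DUMPABLE=2 rejected: %d\n", dumpable2_rejected());
    printf("fs.suid_dumpable: %d\n", read_suid_dumpable());
    return 0;
}
```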