[kernel-sec-discuss] r530 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Mon Aug 14 02:14:41 UTC 2006
Author: dannf
Date: 2006-08-14 02:14:41 +0000 (Mon, 14 Aug 2006)
New Revision: 530
Modified:
patch-tracking/CVE-2006-3626
Log:
mark released versions & fix some syntax problems
Modified: patch-tracking/CVE-2006-3626
===================================================================
--- patch-tracking/CVE-2006-3626 2006-08-14 02:10:57 UTC (rev 529)
+++ patch-tracking/CVE-2006-3626 2006-08-14 02:14:41 UTC (rev 530)
@@ -1,13 +1,15 @@
Candidate: CVE-2006-3626
-References: FULLDISC:20060714, http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html
+References:
+ FULLDISC:20060714, http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3
Description: Linux kernel 0day - dynamite inside, don't burn your fingers
-Race condition in Linux kernel 2.6.17.4 and earlier allows local users
-to gain root privileges by using prctl with PR_SET_DUMPABLE in a way
-that causes /proc/self/environ to become setuid root.
+ Race condition in Linux kernel 2.6.17.4 and earlier allows local users
+ to gain root privileges by using prctl with PR_SET_DUMPABLE in a way
+ that causes /proc/self/environ to become setuid root.
Notes:
Bugs:
-upstream: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3
+upstream: released (2.6.16.25, 2.6.17.5)
linux-2.6.16:
-linux-2.6: needed
-2.6.8-sarge-security: pending (2.6.8-16sarge4)
+linux-2.6: released (2.6.16-17, 2.6.17-4)
+2.6.8-sarge-security: released (2.6.8-16sarge4)
2.4.27-sarge-security: N/A
More information about the kernel-sec-discuss
mailing list