[kernel] r4938 - patch-tracking
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Nov 30 10:11:24 UTC 2005
Author: jmm-guest
Date: Wed Nov 30 10:11:24 2005
New Revision: 4938
Added:
patch-tracking/CVE-2005-3783
Log:
and another ptrace dos vulnerability
Added: patch-tracking/CVE-2005-3783
==============================================================================
--- (empty file)
+++ patch-tracking/CVE-2005-3783 Wed Nov 30 10:11:24 2005
@@ -0,0 +1,24 @@
+Candidate: CVE-2005-3783
+References:
+ http://www.kernel.org/git/?p=linux/kernel/git/gregkh/linux-2.6.14.y.git;a=commit;h=082d52c56f642d21b771a13221068d40915a1409
+ http://www.kernel.org/git/?p=linux/kernel/git/gregkh/linux-2.6.14.y.git;a=blobdiff;h=fcfc4568b45f3f190ba320b0d5853836921cb8bc;hp=019e04ec065a55d8f28157d3a1f7ba06cafd347f;hb=082d52c56f642d21b771a13221068d40915a1409;f=kernel/ptrace.c
+
+Description:
+ The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2,
+ using CLONE_THREAD, does not use the thread group ID to check whether it
+ is attaching to itself, which allows local users to cause a denial of
+ service (crash).
+
+Notes:
+Bugs:
+upstream:
+2.6.14:
+2.6.8-sarge-security:
+2.4.27-sarge-security:
+2.6.8:
+2.4.19-woody-security:
+2.4.18-woody-security:
+2.4.17-woody-security:
+2.4.16-woody-security:
+2.4.17-woody-security-hppa:
+2.4.17-woody-security-ia64:
More information about the Kernel-svn-changes
mailing list