[ GLSA 200402-06 ] Linux kernel AMD64 ptrace vulnerability

• Previous message: Tim Yamin: "[ GLSA 200402-05 ] phpMyAdmin < 2.5.6-rc1 directory traversal attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 17 Feb 2004 02:27:48 +0000
To: bugtraq@securityfocus.com, full-disclosure@lists.netsys.com, security-alerts@linuxsecurity.com, gentoo-core@gentoo.org, gentoo-announce@gentoo.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200402-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
~ http://security.gentoo.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

~ Severity: Normal
~ Title: Linux kernel AMD64 ptrace vulnerability
~ Date: February 17, 2004
~ ID: 200402-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been discovered by in the ptrace emulation code for
AMD64 platforms when eflags are processed, allowing a local user to
obtain elevated priveleges.

Affected packages
=================

~ -------------------------------------------------------
~ Kernel / Unaffected Version
~ -------------------------------------------------------

~ ck-sources..........................2.6.2-r1...........
~ development-sources.................2.6.2..............
~ gentoo-dev-sources..................2.6.2..............
~ gentoo-sources......................2.4.20-r12.........
~ gs-sources..........................2.4.25_pre7-r1.....
~ vanilla-prepatch-sources............2.4.25_rc3.........
~ vanilla-sources.....................2.4.24-r1..........

Description
===========

A vulnerability has been discovered by Andi Kleen in the ptrace
emulation code for AMD64 platforms when eflags are processed, allowing a
local user to obtain elevated priveleges. The Common Vulnerabilities and
Exposures project has assigned CAN-2004-0001 to this issue.

Impact
======

( Only users of the AMD64 platform are affected )

In this scenario, a user may be able to obtain elevated priveleges,
including root access. However, no public exploit is known for the
vulnerability at this time.

Workaround
==========

There is no temporary workaround - a kernel upgrade is required. A list
of unaffected kernels is provided along with this announcement.

Resolution
==========

Users are encouraged to upgrade to the latest available sources for
their system:

~ # emerge sync
~ # emerge -pv your-favorite-sources

~ # emerge your-favorite-sources

~ # # Follow usual procedures for compiling and installing a kernel.
~ # # If you use genkernel, run genkernel as you would do normally.

~ # # See http://www.gentoo.org/doc/en/handbook/handbook.xml for help.

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAMXwiMMXbAy2b2EIRAqDmAKDhG09r3rq6xFlOIB6i6auX1Fcc/ACeO0wE
/deJ+dBC2NsZ+bVLmCrHYZQ=
=IQWM
-----END PGP SIGNATURE-----

• Previous message: Tim Yamin: "[ GLSA 200402-05 ] phpMyAdmin < 2.5.6-rc1 directory traversal attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]