PT-2009-4024 · Linux · Linux Kernel

Eugene Teo · Published 2009-05-05 · Updated 2020-08-21 · CVE-2009-1527

CVSS v2.0: 6.9 (Medium)

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.30-rc4
Description: A race condition exists in the ptrace_attach function, allowing local users to gain privileges. This issue is related to locking an incorrect cred_exec_mutex object and can be exploited via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application.
Recommendations: For Linux kernel versions prior to 2.6.30-rc4, update to version 2.6.30-rc4 or later to resolve the issue.

Exploit

Fix

Race Condition

Weakness Enumeration

Related Identifiers

CVE-2009-1527

Affected Products

Linux Kernel