PT-2019-14054 · Galliumos · Galliumos

Published: 2019-08-22 · Updated: 2020-08-24 · CVE-2019-15325

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions

GalliumOS version 3.0

Description

In the GalliumOS configuration, CONFIG_SECURITY_YAMA is disabled, yet the /etc/sysctl.d/10-ptrace.conf file attempts to set /proc/sys/kernel/yama/ptrace_scope to 1. This could potentially increase risk, because a protection mechanism appears to be in place when, in fact, it is not.

Recommendations

For GalliumOS version 3.0, consider enabling CONFIG_SECURITY_YAMA so that the protection mechanism is actually in place, or adjust the /etc/sysctl.d/10-ptrace.conf file to reflect the actual security configuration, so that it no longer misleadingly sets /proc/sys/kernel/yama/ptrace_scope to 1.
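
One way to audit a host for the mismatch described above, as an added example that is not part of the original advisory or of GalliumOS. The function names check_yama and make_fixture, the return codes, and the fixture tree are assumptions made for illustration; only /etc/sysctl.d is scanned, since that is the directory the advisory names.

```shell
#!/bin/sh
# Added example. check_yama [ROOT] compares the ptrace_scope value requested
# in ROOT/etc/sysctl.d/*.conf with what the kernel exposes under ROOT/proc.
# ROOT is empty for the live system; a non-empty ROOT points at a test tree.
# Return codes (hypothetical): 0 consistent, 1 Yama absent and not
# requested, 2 configuration and kernel disagree.
check_yama() {
    root="${1:-}"
    live_file="$root/proc/sys/kernel/yama/ptrace_scope"
    # Files are applied in lexical order, so the last assignment wins.
    wanted=$(cat "$root"/etc/sysctl.d/*.conf 2>/dev/null |
        sed -n 's/^[[:space:]]*kernel\.yama\.ptrace_scope[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' |
        tail -n 1)
    if [ ! -e "$live_file" ]; then
        if [ -n "$wanted" ]; then
            echo "MISMATCH: sysctl.d requests ptrace_scope=$wanted, but the kernel exposes no Yama sysctl (CONFIG_SECURITY_YAMA off or Yama not enabled)"
            return 2
        fi
        echo "ABSENT: Yama not available and not requested"
        return 1
    fi
    live=$(cat "$live_file")
    if [ -n "$wanted" ] && [ "$wanted" != "$live" ]; then
        echo "MISMATCH: sysctl.d requests ptrace_scope=$wanted, kernel reports $live"
        return 2
    fi
    echo "OK: Yama active, ptrace_scope=$live"
    return 0
}

# Constructed fixture: builds a tree under DIR that models the state in the
# advisory (10-ptrace.conf sets the value, the yama directory is missing).
# A second argument adds a live ptrace_scope file holding that value.
make_fixture() {
    mkdir -p "$1/etc/sysctl.d" "$1/proc/sys/kernel"
    printf 'kernel.yama.ptrace_scope = 1\n' > "$1/etc/sysctl.d/10-ptrace.conf"
    if [ -n "${2:-}" ]; then
        mkdir -p "$1/proc/sys/kernel/yama"
        printf '%s\n' "$2" > "$1/proc/sys/kernel/yama/ptrace_scope"
    fi
}
```

Calling check_yama with no argument inspects the running system; a return code of 2 with no yama directory under /proc/sys/kernel is the condition this entry describes.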


Related Identifiers

CVE-2019-15325

Affected Products

Galliumos