PT-2009-3904 · Linux+1 · Linux Kernel+1

Eugene Teo · Published 2009-07-05 · Updated 2024-02-15 · CVE-2009-1388

CVSS v2.0: 4.9 Medium

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel version 2.6.18

Description

The issue arises from the ptrace_start function in kernel/ptrace.c, which does not properly handle simultaneous execution of the do_coredump function. This allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread.

Recommendations

For Linux kernel version 2.6.18, consider disabling the ptrace system call as a temporary workaround until a patch is available. Restrict access to the coredumping thread to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Improper Locking

Weakness Enumeration

Related Identifiers

CVE-2009-1388
RHSA-2009:1193
RHSA-2009_1193

Affected Products

Linux Kernel
Red Hat