LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

kernel: privilege escalation

Package(s):kernel CVE #(s):CVE-2006-2451
Created:July 7, 2006 Updated:July 26, 2006
Description: The Linux kernel, versions 2.6.13 through 2.6.17.3, has a privilege escalation vulnerability that is related to the handling of core dumps. Local users can create a program that can core dump to a directory that the user does not have permission to write to. This can be exploited for the use of a disk consumption denial of service attack, or the unauthorized gaining of root privileges.
Alerts:
SuSE SUSE-SA:2006:042 2006-07-26
Fedora FEDORA-2006-806 2006-07-14
Fedora FEDORA-2006-801 2006-07-14
rPath rPSA-2006-0122-2 2006-07-07
Ubuntu USN-311-1 2006-07-11
rPath rPSA-2006-0122-1 2006-07-07
Red Hat RHSA-2006:0574-01 2006-07-07
(Log in to post comments)

kernel: privilege escalation

Posted Jul 13, 2006 16:12 UTC (Thu) by mattdm (subscriber, #18) [Link]

As I understand it, this bug affects 2.6.13 and up, and only is an issue in 2.6.9 because RHEL backported the feature in which the problem occurs. Can someone confirm this?

kernel: privilege escalation

Posted Jul 13, 2006 16:17 UTC (Thu) by corbet (editor, #1) [Link]

Your understanding is correct - the bug was introduced in 2.6.13. The original wording of this entry was incorrect - fixing it now.

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds