LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: privilege escalation

Package(s):kernel CVE #(s):CVE-2009-1895
Created:July 27, 2009 Updated:March 21, 2011
Description:

From the CVE entry:

The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR).

Alerts:
Mandriva MDVSA-2011:051 2011-03-18
Red Hat RHSA-2010:0079-01 2010-02-02
CentOS CESA-2009:1438 2009-09-15
Red Hat RHSA-2009:1438-01 2009-09-15
Red Hat RHSA-2009:1540-01 2009-11-03
Fedora FEDORA-2009-9044 2009-08-27
SuSE SUSE-SA:2009:045 2009-08-20
Fedora FEDORA-2009-8649 2009-08-15
Fedora FEDORA-2009-8647 2009-08-15
Fedora FEDORA-2009-8684 2009-08-17
Fedora FEDORA-2009-8144 2009-07-31
Fedora FEDORA-2009-8264 2009-08-04
CentOS CESA-2009:1193 2009-08-05
Red Hat RHSA-2009:1193-01 2009-08-04
Debian DSA-1845-1 2009-06-28
Debian DSA-1844-1 2009-07-28
Ubuntu USN-807-1 2009-07-28
rPath rPSA-2009-0111-1 2009-07-24
CentOS CESA-2009:1550 2009-11-04
Red Hat RHSA-2009:1550-01 2009-11-03
Mandriva MDVSA-2009:289 2009-10-27
Fedora FEDORA-2009-10165 2009-10-03
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds