LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Relicensing and rebasing LibreOffice

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: privilege escalation

Package(s):kernel CVE #(s):CVE-2006-2451
Created:July 7, 2006 Updated:July 26, 2006
Description: The Linux kernel, versions 2.6.13 through 2.6.17.3, has a privilege escalation vulnerability that is related to the handling of core dumps. Local users can create a program that can core dump to a directory that the user does not have permission to write to. This can be exploited for the use of a disk consumption denial of service attack, or the unauthorized gaining of root privileges.
Alerts:
SuSE SUSE-SA:2006:042 2006-07-26
Fedora FEDORA-2006-806 2006-07-14
Fedora FEDORA-2006-801 2006-07-14
rPath rPSA-2006-0122-2 2006-07-07
Ubuntu USN-311-1 2006-07-11
rPath rPSA-2006-0122-1 2006-07-07
Red Hat RHSA-2006:0574-01 2006-07-07
(Log in to post comments)

kernel: privilege escalation

Posted Jul 13, 2006 16:12 UTC (Thu) by mattdm (subscriber, #18) [Link]

As I understand it, this bug affects 2.6.13 and up, and only is an issue in 2.6.9 because RHEL backported the feature in which the problem occurs. Can someone confirm this?

kernel: privilege escalation

Posted Jul 13, 2006 16:17 UTC (Thu) by corbet (editor, #1) [Link]

Your understanding is correct - the bug was introduced in 2.6.13. The original wording of this entry was incorrect - fixing it now.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds