|
|
Subscribe / Log in / New account

kernel: privilege escalation

Package(s):kernel CVE #(s):CVE-2006-2451
Created:July 7, 2006 Updated:July 26, 2006
Description: The Linux kernel, versions 2.6.13 through 2.6.17.3, has a privilege escalation vulnerability that is related to the handling of core dumps. Local users can create a program that can core dump to a directory that the user does not have permission to write to. This can be exploited for the use of a disk consumption denial of service attack, or the unauthorized gaining of root privileges.
Alerts:
SuSE SUSE-SA:2006:042 kernel 2006-07-26
Fedora FEDORA-2006-806 kernel 2006-07-14
Fedora FEDORA-2006-801 kernel 2006-07-14
rPath rPSA-2006-0122-2 kernel 2006-07-07
Ubuntu USN-311-1 linux-source-2.6.10/-2.6.12/-2.6.15 2006-07-11
rPath rPSA-2006-0122-1 kernel 2006-07-07
Red Hat RHSA-2006:0574-01 kernel 2006-07-07
to post comments

kernel: privilege escalation

Posted Jul 13, 2006 16:12 UTC (Thu) by mattdm (subscriber, #18) [Link] (1 responses)

As I understand it, this bug affects 2.6.13 and up, and only is an issue in 2.6.9 because RHEL backported the feature in which the problem occurs. Can someone confirm this?

kernel: privilege escalation

Posted Jul 13, 2006 16:17 UTC (Thu) by corbet (editor, #1) [Link]

Your understanding is correct - the bug was introduced in 2.6.13. The original wording of this entry was incorrect - fixing it now.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds