Linux Kernel AMD64 ptrace() Non-canonical Address Error Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1014302
|
|
SecurityTracker URL: http://securitytracker.com/id?1014302
|
|
CVE Reference: CAN-2005-1762
(Links to External Site)
|
Date: Jun 27 2005
|
Impact: Denial of service via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 2.6
|
Description: A vulnerability was reported in the Linux kernel ptrace() function, affecting AMD64-based systems. A local user can cause the kernel to crash.
A local user can invoke ptrace() with specially crafted ("non-canonical") addresses to cause the kernel to crash.
This vulnerability only affects the amd64 platform.
|
Impact: A local user can cause the kernel to crash.
|
Solution: The vendor has issued a fix.
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause: Input validation error
|
Underlying OS: Linux (Caldera/SCO), Linux (Conectiva), Linux (Debian), Linux (EnGarde), Linux (Gentoo), Linux (HP Secure OS), Linux (Immunix), Linux (Mandrake), Linux (Progeny Debian), Linux (Red Hat Enterprise), Linux (Red Hat Fedora), Linux (Red Hat Linux), Linux (SGI), Linux (Slackware), Linux (Sun), Linux (SuSE), Linux (Trustix), Linux (Turbo Linux), Linux (Ubuntu), Linux (Xandros)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 27 Jun 2005 09:51:50 -0400
Subject: [none]
|
Ubuntu reported:
A Denial of Service vulnerability has been discovered in the ptrace()
call on the amd64 platform. By calling ptrace() with specially crafted
("non-canonical") addresses, a local attacker could cause the kernel
to crash. This only affects the amd64 platform. (CAN-2005-1762)
|
|
