Linux Kernel vmsplice() Memory Dereference Bug Lets Local Users Gain Root Privileges
|
|
SecurityTracker Alert ID: 1019393
|
|
SecurityTracker URL: http://securitytracker.com/id?1019393
|
|
CVE Reference: CVE-2008-0600
(Links to External Site)
|
Date: Feb 12 2008
|
Impact: Execution of arbitrary code via local system, Root access via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 2.6.23 - 2.6.24
|
Description: A vulnerability was reported in Linux Kernel. A local user can obtain root privileges on the target system.
A local user can trigger a flaw in the vmsplice_to_user() function in 'fs/splice.c' to trigger a memory dereference error and execute
arbitrary code on the target system.
A local user can also exploit a flaw in the copy_from_user_mmap_sem() function to read arbitrary
kernel memory locations.
Wojciech Purczynski reported this vulnerability.
|
Impact: A local user can obtain root privileges on the target system.
|
Solution: The vendor has issued a source code fix.
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause: Access control error
|
Underlying OS: Linux (Caldera/SCO), Linux (Conectiva), Linux (Debian), Linux (EnGarde), Linux (Gentoo), Linux (HP Secure OS), Linux (Immunix), Linux (Mandriva/Mandrake), Linux (Progeny Debian), Linux (Red Hat Enterprise), Linux (Red Hat Fedora), Linux (Red Hat Linux), Linux (SGI), Linux (Slackware), Linux (Sun), Linux (SuSE), Linux (Trustix), Linux (Turbo Linux), Linux (Ubuntu), Linux (Xandros)
|
Reported By: Wojciech Purczynski <cliph@isec.pl>
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
