Linux Kernel AMD64 PTrace Bug Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1020047
|
|
SecurityTracker URL: http://securitytracker.com/id?1020047
|
|
CVE Reference: CVE-2008-1615
(Links to External Site)
|
Date: May 20 2008
|
Impact: Denial of service via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 2.6.18
|
Description: A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions.
A local user can invoke the process-trace capability to cause the kernel to crash.
|
Impact: A local user can cause the target system to crash.
|
Solution: The vendor has issued a source code fix.
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause: Not specified
|
Underlying OS: Linux (Caldera/SCO), Linux (Conectiva), Linux (Debian), Linux (EnGarde), Linux (Gentoo), Linux (HP Secure OS), Linux (Immunix), Linux (Mandriva/Mandrake), Linux (Progeny Debian), Linux (Red Hat Enterprise), Linux (Red Hat Fedora), Linux (Red Hat Linux), Linux (SGI), Linux (Slackware), Linux (Sun), Linux (SuSE), Linux (Trustix), Linux (Turbo Linux), Linux (Ubuntu), Linux (Xandros)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Tue, 20 May 2008 06:10:28 -0400
Subject: Linux Kernel
|
Red Hat wrote:
* on AMD64 architectures, the possibility of a kernel crash was discovered
by testing the Linux kernel process-trace ability. This could allow a local
unprivileged user to cause a denial of service (kernel crash).
(CVE-2008-1615, Important)
|
|
