blob: ecaa8893e5a9688185a582236fcc5e79aa441436 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Candidate: CVE-2005-3784
References:
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7ed0175a462c4c30f6df6fac1cccac058f997739
Description:
The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes
with ptrace attached,which leads to a dangling ptrace reference and allows local users
to cause a denial of service (crash).
Notes:
jmm,horms> 2.4 code seems very different and not vulnerable
Bugs:
upstream: released (2.6.15)
linux-2.6: released (2.6.15-1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [kernel-dont-reap-traced.dpatch]
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A
2.4.18-woody-security-hppa: N/A
|