blob: 6069194d055de8d5062c345ce08f1764be7d346a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
Candidate: CVE-2009-2691
Description:
The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier
allows local users to read (1) maps and (2) smaps files under proc/ via vectors
related to ELF loading, a setuid process, and a race condition.
References:
Ubuntu-Description:
Notes:
Bugs:
upstream: released (2.6.31-rc6) [13f0fea, 00f89d2, 704b836], released (2.6.30.5) [95d7e670e3158b6a52a8279290a0d6f7047250b4, 17dc3e97d6d51df33cb6e35fabb62b91ef14cf2c, c6d59cb0341e2c3aed3eb65cbf166a686c3443aa]
linux-2.6: released (2.6.30-7)
2.6.18-etch-security: ignored (end of life)
2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch3) [bugfix/all/maps-visible-during-initial-setuid-ELF-loading.patch]
2.6.26-lenny-security: released (2.6.26-21) [bugfix/all/maps-visible-during-initial-setuid-ELF-loading.patch]
|
