Bug 157453

Summary: CAN-2005-1263 Linux kernel ELF core dump privilege elevation (ipf)
Product: Red Hat Enterprise Linux 2.1 Reporter: Mark J. Cox <mjc>
Component: kernelAssignee: Don Howard <dhoward>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: medium    
Version: 2.1Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: ia64   
OS: Linux   
Whiteboard: public=20050511,source=isec,reported=20050510,impact=important
Fixed In Version: RHSA-2005-551 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-08-25 13:18:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 143573    

Description Mark J. Cox 2005-05-11 18:34:15 UTC 
"A locally exploitable flaw has been found in the Linux ELF binary format
loader's core dump  function  that  allows  local  users  to  gain  root
privileges and also execute arbitrary code at kernel privilege level."

For the full description see
http://www.securityfocus.com/archive/1/397966/2005-05-08/2005-05-14/0

For the proposed patch see bug #157450 (not backported)
Comment 1 Don Howard 2005-07-28 21:44:14 UTC 
After reviewing this issue and testing the expliot for CAN-2005-1263, I've found
that this has been corrected as of e.57
Comment 4 Red Hat Bugzilla 2005-08-25 13:18:30 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-551.html