Bug 1730895 (CVE-2019-13272)
| Summary: | CVE-2019-13272 kernel: broken permission and object lifetime handling for PTRACE_TRACEME | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Laura Pardo <lpardo> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | acaringi, ahardin, airlied, bhu, blc, bleanhar, brdeoliv, bskeggs, ccoleman, cperry, dblechte, dedgar, dfediuck, dhoward, dvlasenk, eedri, esammons, fhrbata, gmollett, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jgoulding, jlelli, john.j5live, jonathan, josef, jross, jshortt, jstancek, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, linville, matt, mchappel, mchehab, mcressma, mgoldboi, michal.skrivanek, mjg59, mlangsdo, nmurray, pasik, plougher, rt-maint, rvrbovsk, sbonazzo, security-response-team, sherold, steved, williams, wmealing, yturgema |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | kernel 5.1.17 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in the way PTRACE_TRACEME functionality was handled in the Linux kernel. The kernel's implementation of ptrace can inadvertently grant elevated permissions to an attacker who can then abuse the relationship between the tracer and the process being traced. This flaw could allow a local, unprivileged user to increase their privileges on the system or cause a denial of service.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-08-07 13:18:23 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1730897, 1730956, 1730957, 1730958, 1730959, 1730960, 1731005 | ||
| Bug Blocks: | 1730901 | ||
|
Description
Laura Pardo
2019-07-17 20:06:24 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1730897] This flaw is rated as Important. The attack vector is available by default in the affected installations and the selinux boolean to deny ptrace is not defaultly enabled Statement: Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/4292201 Mitigation: For mitigation, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/4292201 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:2405 https://access.redhat.com/errata/RHSA-2019:2405 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-13272 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:2411 https://access.redhat.com/errata/RHSA-2019:2411 This issue has been addressed in the following products: OpenShift Container Platform 4 Via RHBA-2019:2417 https://access.redhat.com/errata/RHBA-2019:2417 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:2809 https://access.redhat.com/errata/RHSA-2019:2809 OpenShift Container Platform 4 does not ship its own kernel package, instead using versions shipped in RHEL. Removing from flaw bug affects. |