Bug 195902 (CVE-2006-2451)
| Summary: | CVE-2006-2451 Possible privilege escalation through prctl() and suid_dumpable | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marcel Holtmann <holtmann> |
| Component: | vulnerability | Assignee: | Ernie Petrides <petrides> |
| Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | alan, jbaron, lwang, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | RHSA-2006-0574 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2006-07-07 13:42:37 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 198963 | ||
|
Comment 17
Marcel Holtmann
2006-07-07 11:45:33 UTC
The patch for the stable kernel series of 2.6.17 can be found here: http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.17.y.git;a=commit;h=0af184bb9f80edfbb94de46cb52e9592e5a547b0 An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0574.html committed in stream U4 build 40.1. A test kernel with this patch is available from http://people.redhat.com/~jbaron/rhel4/ Verified fix on 40.1 as well by hand. (for some reason my automated test for this doesn't want to work inside of RHTS.) downside to this is upgrade to the latest kernel on es4 = kernel-2.6.9-34.0.2 and you will be faced with this nasty = https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188141 It is impossible that the fix included in kernel-2.6.9-34.0.2 can cause any of the symptoms described in bug #188141. Please don't pollute this bug with unreleated descriptions. your comment on this page, i disagree that the bug is fixed in kernel-2.6.9-34.0.2, as on the bugzilla it states that the bug is for kernel-2.6.9-34, are you stating it is therefore fixed in your 0.2 revision? If so why does larry tell me that its only fixed in kernel-2.6.9-42? and that the patch will not be implemented until es4 U4. More importantly i rolled back the kernel on this client to 2.6.9-5 and the swap and load went right down and resumed to normal operation, before hand it had excatly the same symptons as the bug reported and due to the high memory usuage on this box, it caused it to crash after a few days. So i do not belive that this has been fixed in kernel-2.6.9-34.0.2. I would expect a reply to this since we want to roll out a non vulnerable kernel upgrade on our clients redhat boxes and so far no one has given us a solution to this problem. The kernel-2.6.9-34.0.x packages are kernels which contain security updates. They are fixing security issues. In general these can not introduce the reported issue nor can they fix it. The kernel-2.6.9-34.0.2 in particular contains a fix for the privilege escalation described in this Bugzilla report. I never said that that kernel-2.6.9-34.0.2 will fix your problem, but it is also not the cause of your problem. So using this Bugzilla to report an issue is wrong. Please open a new Bugzilla report if you have problems with the kernel-2.6.9-34 series (RHEL4 U3) or wait for kernel-2.6.9-42 (RHEL4 U4) if this is known to fix it. |