Bug 496031 (CVE-2009-1338)
| Field | Value |
|---|---|
| Summary | CVE-2009-1338 kernel: 'kill sig -1' must only apply to caller's pid namespace |
| Product | [Other] Security Response |
| Component | vulnerability |
| Reporter | Eugene Teo (Security Response) <eteo> |
| Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED CURRENTRELEASE |
| Severity | medium |
| Priority | medium |
| Version | unspecified |
| CC | bhu, jkacur, lgoncalv, williams |
| Keywords | Security |
| Hardware | All |
| OS | Linux |
| Doc Type | Bug Fix |
| Last Closed | 2016-04-22 13:23:36 UTC |
| Bug Depends On | 496032 |

Description
Eugene Teo (Security Response)
2009-04-16 06:49:46 UTC
Created attachment 339796
Upstream patch

PID namespaces were merged in 2.6.24. http://lwn.net/Articles/259217/

Created attachment 339815
Patch for mrg-1

(In reply to comment #12)
> We might need this patch too:
> commit 44c4e1b2581f7273ab14ef30b6430618801c57b1
> Author: Eric W. Biederman <ebiederm>
> Date: Fri Feb 8 04:19:15 2008 -0800
>
> pid: Extend/Fix pid_vnr

Together with this patch:

```
[root@rhel5-server-i386 ~]# uname -a
Linux rhel5-server-i386 2.6.24.7-112.bz496032.el5 #1 SMP PREEMPT RT Mon Apr 20 04:12:17 EDT 2009 i686 i686 i386 GNU/Linux
[root@rhel5-server-i386 ~]# bash
[root@rhel5-server-i386 ~]# ps -e
PID TTY TIME CMD
1 pts/0 00:00:00 bash
33 pts/0 00:00:00 bash
41 pts/0 00:00:00 ps
[root@rhel5-server-i386 ~]# /bin/kill -s SIGKILL -1
Killed
[root@rhel5-server-i386 ~]# ps -e
PID TTY TIME CMD
1 pts/0 00:00:00 bash
43 pts/0 00:00:00 ps
[root@rhel5-server-i386 ~]# /bin/kill -s SIGKILL -1
kill -1: No such process
```

The other observation I had in comment #7 is also fixed with this patch. This is the expected behaviour. Thanks.

Created attachment 340468
To be patched with comment #6

First I tested with 2.6.29.3-15.el5rt to make sure I could get everything to work as expected, and it did. Then I tested with 2.6.24.7-115.el5rt and crashed the machine. After applying the patches from #15 and #6, then everything worked as expected.

This issue has been addressed in the following products:

MRG for RHEL-5

Via RHSA-2009:1081 https://rhn.redhat.com/errata/RHSA-2009-1081.html
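A regression check for the behaviour the test session in the comments above verifies, added here as an example (it is not code from this bug report or from the kernel patches): it creates a fresh PID namespace and probes `kill(-1, ...)` with signal 0, which delivers nothing, expecting `ESRCH` as in the session's final "No such process". It assumes a kernel that supports `unshare(CLONE_NEWPID)` (Linux 3.8 or later); the function and enum names are illustrative.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>
enum { CONFINED = 0, LEAKED = 1, SKIPPED = 2 };

/* Runs as the first process of the new namespace. Signal 0 delivers nothing;
 * it only reports whether kill(-1) found a process it would have signalled. */
static int probe_as_ns_init(void)
{
    if (getpid() != 1)
        return SKIPPED;               /* not PID 1: no new namespace, do not probe */
    if (kill(-1, 0) == -1 && errno == ESRCH)
        return CONFINED;              /* nothing visible besides ourselves */
    return LEAKED;                    /* kill(-1) reached outside the namespace */
}

/* Collect a child's exit code; a failed fork or abnormal exit is SKIPPED. */
static int reap(pid_t pid)
{
    int st;
    if (pid < 0 || waitpid(pid, &st, 0) < 0 || !WIFEXITED(st))
        return SKIPPED;
    return WEXITSTATUS(st);
}

int check_kill_minus_one_confined(void)
{
    pid_t helper = fork();
    if (helper == 0) {
        /* Assumes Linux 3.8+; needs CAP_SYS_ADMIN or unprivileged user namespaces. */
        if (unshare(CLONE_NEWPID) != 0 && unshare(CLONE_NEWUSER | CLONE_NEWPID) != 0)
            _exit(SKIPPED);
        pid_t init = fork();          /* first child after unshare becomes PID 1 */
        if (init == 0)
            _exit(probe_as_ns_init());
        _exit(reap(init));
    }
    return reap(helper);
}

int main(void)
{
    printf("result=%d (0 confined, 1 leaked, 2 skipped)\n", check_kill_minus_one_confined());
    return 0;
}
```

A result of 2 means the namespace could not be created (missing privilege or kernel support), so the check did not run.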