Bug 1358840 - (CVE-2010-5328) CVE-2010-5328 kernel: Processes having the same group as `init` can crash kernel
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Assigned To: Red Hat Product Security
impact=low,public=20100527,reported=2...
Keywords: Security
Blocks: 1358842
Reported: 2016-07-21 11:11 EDT by Adam Mariš
Modified: 2017-02-16 08:37 EST
Doc Text: A process that is in the same process group as the `init` process (group id zero) can crash the Linux kernel with several system calls by passing in a process ID or process group ID of zero, a special value that indicates the current process ID or process group.
Last Closed: 2017-02-16 08:37:55 EST
Description Adam Mariš 2016-07-21 11:11:27 EDT
A process that is in the same process group as the `init` process (group id zero) can crash the Linux kernel with several system calls by passing in a process ID or process group ID of zero. The value zero is a special value that indicates the current process ID or process group. However, in this case it is also the process group ID of the process.

Upstream fixes:

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f106eee10038c2ee5b6056aaf3f6d5229be6dcdd
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f20011457f41c11edb5ea5038ad0c8ea9f392023
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fa2755e20ab0c7215d99c2dc7c262e98a09b01df
Comment 4 Andrej Nemec 2017-01-23 04:46:21 EST
CVE assignment:

http://seclists.org/oss-sec/2017/q1/160
Comment 5 Wade Mealing 2017-02-08 02:20:08 EST
Statement:

This flaw affects Red Hat Enterprise Linux 5 and 6 and is not able to be exploited in the default configuration.  Administrators would need to replace the init daemon with alternative systems to exploit this system crash correctly.

No update is planned to be released for this flaw.
Comment 10 Wade Mealing 2017-02-09 02:04:51 EST
I've just removed that from the comment #0 and doctxt.
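
A defensive check for the condition named in the description and in the statement in comment 5, as an added example that is not part of the original bug report or of the upstream fixes: it parses `/proc/<pid>/stat` and lists userspace processes whose process group ID is 0. The sample lines are constructed, and treating `vsize == 0` as "kernel thread or zombie" is an assumption of this example.

```python
"""List userspace processes whose process group ID is 0 (added example)."""
import glob

def parse_stat(line):
    """Parse one /proc/<pid>/stat line into the fields this check needs."""
    # comm is wrapped in parentheses and may itself contain spaces or ')',
    # so split on the LAST ')' instead of splitting the line on whitespace.
    head, _, tail = line.rpartition(")")
    pid_str, _, comm = head.partition(" (")
    rest = tail.split()
    return {
        "pid": int(pid_str),
        "comm": comm,
        "ppid": int(rest[1]),     # field 4
        "pgrp": int(rest[2]),     # field 5: process group ID
        "session": int(rest[3]),  # field 6
        "vsize": int(rest[20]),   # field 23: 0 when there is no user address space
    }

def pgid_zero_userspace(stat_lines):
    """Return parsed entries with pgrp == 0 that have a user address space."""
    hits = []
    for line in stat_lines:
        try:
            p = parse_stat(line)
        except (ValueError, IndexError):
            continue  # truncated or unexpected line
        # Assumption: vsize == 0 means kernel thread (or zombie); those
        # normally sit in group 0 and are not what this check looks for.
        if p["pgrp"] == 0 and p["vsize"] > 0:
            hits.append(p)
    return hits

def read_live_stat_lines():
    """Read every /proc/<pid>/stat, skipping processes that exit meanwhile."""
    lines = []
    for path in glob.glob("/proc/[0-9]*/stat"):
        try:
            with open(path) as fh:
                lines.append(fh.read())
        except OSError:
            continue
    return lines

# Constructed sample input: pid, comm, ppid, pgrp, session, vsize.
_T = "{} ({}) S {} {} {} 0 -1 0 0 0 0 0 0 0 0 0 20 0 1 0 100 {} 0"
SAMPLE = [_T.format(*r) for r in [
    (1, "init", 0, 0, 0, 2072576),        # init that never left group 0
    (2, "kthreadd", 0, 0, 0, 0),          # kernel thread, ignored
    (412, "my (odd) svc", 1, 0, 0, 4096000),  # child still in group 0
    (500, "sshd", 1, 500, 500, 8000000),  # own group, not reported
]]

if __name__ == "__main__":
    for p in pgid_zero_userspace(read_live_stat_lines()):
        print("pid {pid} ({comm}) ppid={ppid} pgrp=0 session={session}".format(**p))
```

An empty result on a live host means no userspace process is currently in process group 0.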
