Red Hat Bugzilla – Bug 157450
CAN-2005-1263 Linux kernel ELF core dump privilege elevation
Last modified: 2015-01-04 17:19:32 EST
Created attachment 114254 [details]
Proposed patch from Greg KH (not backported)
"A locally exploitable flaw has been found in the Linux ELF binary format
loader's core dump function that allows local users to gain root
privileges and also execute arbitrary code at kernel privilege level."
For the full description see
A new release which fixes this problem upstream has been released as 18.104.22.168
Note that a sucessful mitigation to this issue is to limit the production of
core files, "ulimit -c 0" placed early during system startup (say from
rc.sysinit) will remove the risk of this issue.
This went into 2.6.9-9, so its in U1.
It would seem that this issue doesn not affect 2.6 kernels. The patch hardens
things a bit, but doesn't fix any security issues.
In the U1 kernel errata we will list this bug, since we've fixed this issue, but
we won't list the CVE name since CAN-2005-1263 has no security context for EL4.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.