34058 – ptrace race fixed in 2.2.17-14?

Bug 34058 - ptrace race fixed in 2.2.17-14?

Summary: ptrace race fixed in 2.2.17-14?

Keywords:
Status:	CLOSED DUPLICATE of bug 34594
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	kernel
Sub Component:
Version:	7.0
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Michael K. Johnson
QA Contact:	Brock Organ
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-03-30 13:31 UTC by Need Real Name
Modified:	2007-04-18 16:32 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2001-04-07 22:53:00 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2001:047	0	normal	SHIPPED_LIVE	: Linux kernel 2.2.19 now available, provides security fixes, enhancements	2001-04-10 04:00:00 UTC

Description Need Real Name 2001-03-30 13:31:27 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2-ac6 i686; en-US; m18)
Gecko/20001025


According to Bugtraq an exploitable race exists in kernel "up to 2.2.18".
The rpm contains something that looks like a patch
(linux-2.2.19-ptrace.patch), but I'd like some statement whether it
actually fixes the problem.

"Solar designer" notes on BUGTRAQ that there may be other possible races
involving ptrace().

An exploit was published on BUGTRAQ on 27.03.01.


Reproducible: Didn't try
Steps to Reproduce:

Comment 1 Arjan van de Ven 2001-04-07 22:52:55 UTC

The errata notes provide this information.  The answer is that
at the time of release, it fixed all known ptrace bugs.

Comment 2 Milan Kerslager 2001-04-13 12:42:43 UTC


*** This bug has been marked as a duplicate of 34594 ***

Note You need to log in before you can comment on or make changes to this bug.