Bug 432319 - Local root exploit
Local root exploit
Status: CLOSED DUPLICATE of bug 432251
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
All Linux
low Severity urgent
: rc
: ---
Assigned To: Red Hat Kernel Manager
Martin Jenner
Depends On:
  Show dependency treegraph
Reported: 2008-02-11 04:31 EST by Lassi Pölönen
Modified: 2008-03-06 13:55 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-03-06 13:55:21 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Lassi Pölönen 2008-02-11 04:31:34 EST
Description of problem:
from Gentoo bugzilla:

Version-Release number of selected component (if applicable):
at least 2.6.18-53.1.4.el5 and 2.6.18-53.1.6.el5

How reproducible:

Steps to Reproduce:
1. get the sourcecode for the proof-of-concept exploit
2. compile with gcc <source.c>
3. run the program
Actual results:
Granted a root shell

Expected results:
Should not grant root shell

Additional info:

enabling pam_wheel from /etc/pam.d/su prevents users not in wheel (or defined)
group getting root shell but instead may cause kernel panic
Comment 1 Lassi Pölönen 2008-02-11 10:10:20 EST
Duplicate to #432251
Comment 2 Linda Wang 2008-03-06 13:55:21 EST

*** This bug has been marked as a duplicate of 432251 ***

Note You need to log in before you can comment on or make changes to this bug.