Description of problem:
A malicious application can execute a setuid binary before exit. This would mean that we will not reset the ->exit_signal to SIGCHLD unless the binary drops CAP_KILL.
Reference: http://marc.info/?l=linux-kernel&m=123560588713763&w=2
[RESEND] exit_notify: kill the wrong capable(CAP_KILL) check http://patchwork.kernel.org/patch/16544/
Created attachment 338457 Upstream patch
Upstream commit: http://git.kernel.org/linus/432870dab85a2f69dc417022646cb9a70acf7f94
Upstream commit for 2.4 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git;a=commitdiff;h=8d1f2ab731ab54b12f82eed4da4d1cefd238578c
This issue has been addressed in following products: MRG for RHEL-5 Via RHSA-2009:0451 https://rhn.redhat.com/errata/RHSA-2009-0451.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:0473 https://rhn.redhat.com/errata/RHSA-2009-0473.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2009:1024 https://rhn.redhat.com/errata/RHSA-2009-1024.html
Fixed in upstream stable updates: 2.6.27.22, 2.6.28.10 and 2.6.29.3
kernel-2.6.27.24-170.2.68.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/kernel-2.6.27.24-170.2.68.fc10
kernel-2.6.27.24-170.2.68.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Linux 4.7 Z Stream Via RHSA-2009:1077 https://rhn.redhat.com/errata/RHSA-2009-1077.html
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2009:1550 https://rhn.redhat.com/errata/RHSA-2009-1550.html