A vulnerability in the Linux 2.2 and 2.4 distributions of ptrace() may permit a local attacker to gain elevated privileges.
The Linux 2.2 and 2.4 kernels contained a flaw in ptrace(). This vulnerability may permit a local user to have the kernel spawn a child process. From the man page:
The ptrace system call provides a means by which a parent process may observe and control the execution of another process, and examine and change its core image and registers. It is primarily used to implement breakpoint debugging and system call tracing.
A local user can exploit this vulnerability to gain elevated privileges, typically root.
This vulnerability has been resolved in Linux 2.2.25 and 2.4.21. Various vendors have also released advisories and updates. Please see the your vendor's advisory for more details.
Thanks to Andrzej Szombierski for reporting this vulnerability.
This document was written by Jason A Rafail and is based on information provided by Andrzej Szombierski.
|Date First Published:||2004-04-16|
|Date Last Updated:||2004-04-30 18:44 UTC|