Date: Tue, 17 Feb 2004 02:27:48 +0000
From: Tim Yamin <[email protected]>
To: [email protected], [email protected],
Subject: [ GLSA 200402-06 ] Linux kernel AMD64 ptrace vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200402-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
~ http://security.gentoo.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
~ Severity: Normal
~ Title: Linux kernel AMD64 ptrace vulnerability
~ Date: February 17, 2004
~ ID: 200402-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
A vulnerability has been discovered by in the ptrace emulation code for
AMD64 platforms when eflags are processed, allowing a local user to
obtain elevated priveleges.
Affected packages
=================
~ -------------------------------------------------------
~ Kernel / Unaffected Version
~ -------------------------------------------------------
~ ck-sources..........................2.6.2-r1...........
~ development-sources.................2.6.2..............
~ gentoo-dev-sources..................2.6.2..............
~ gentoo-sources......................2.4.20-r12.........
~ gs-sources..........................2.4.25_pre7-r1.....
~ vanilla-prepatch-sources............2.4.25_rc3.........
~ vanilla-sources.....................2.4.24-r1..........
Description
===========
A vulnerability has been discovered by Andi Kleen in the ptrace
emulation code for AMD64 platforms when eflags are processed, allowing a
local user to obtain elevated priveleges. The Common Vulnerabilities and
Exposures project has assigned CAN-2004-0001 to this issue.
Impact
======
( Only users of the AMD64 platform are affected )
In this scenario, a user may be able to obtain elevated priveleges,
including root access. However, no public exploit is known for the
vulnerability at this time.
Workaround
==========
There is no temporary workaround - a kernel upgrade is required. A list
of unaffected kernels is provided along with this announcement.
Resolution
==========
Users are encouraged to upgrade to the latest available sources for
their system:
~ # emerge sync
~ # emerge -pv your-favorite-sources
~ # emerge your-favorite-sources
~ # # Follow usual procedures for compiling and installing a kernel.
~ # # If you use genkernel, run genkernel as you would do normally.
~ # # See http://www.gentoo.org/doc/en/handbook/handbook.xml for help.
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
http://bugs.gentoo.org.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAMXwiMMXbAy2b2EIRAqDmAKDhG09r3rq6xFlOIB6i6auX1Fcc/ACeO0wE
/deJ+dBC2NsZ+bVLmCrHYZQ=
=IQWM
-----END PGP SIGNATURE-----