SecurityTracker: Linux Kernel ptrace() Function Lets Local Users Modify Kernel Memory

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: OS (Linux) > Linux Kernel

Vendors: kernel.org

Linux Kernel ptrace() Function Lets Local Users Modify Kernel Memory

SecurityTracker Alert ID: 1014305

SecurityTracker URL: http://securitytracker.com/id/1014305

CVE Reference: CAN-2005-1763 (Links to External Site)

Date: Jun 27 2005

Impact: Denial of service via local system, Modification of system information, Root access via local system

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 2.6

Description: A vulnerability was reported in the Linux kernel in the ptrace() function. A local user can write to kernel memory.

A buffer overflow may allow a local user to write "a few bytes" to kernel memory.

Impact: A local user may be able to cause denial of service conditions or gain elevated privileges.

Solution: The vendor has issued a fix.

Vendor URL: www.kernel.org/ (Links to External Site)

Cause: Boundary error

Underlying OS:

Message History: None.

Source Message Contents

Date: Mon, 27 Jun 2005 10:28:11 -0400
Subject: [none]


SUSE reported:

> an overflow in the x86-64 ptrace code allowed local users to
>       write a few bytes into kernel memory pages they normally
>       shouldn't have access to (CAN-2005-1763).

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2012, SecurityGlobal.net LLC