Debian Bug report logs -
#308759
CAN-2005-1263: Linux kernel ELF core dump privilege elevation
Reported by: Moritz Muehlenhoff <muehlenhoff@univention.de>
Date: Thu, 12 May 2005 07:18:04 UTC
Severity: grave
Tags: patch, security
Done: muehlenhoff@univention.de (Moritz Mühlenhoff)
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Debian Kernel Team <debian-kernel@lists.debian.org>:
Bug#308757; Package kernel-source-2.4.27.
(full text, mbox, link).
Acknowledgement sent to Moritz Muehlenhoff <muehlenhoff@univention.de>:
New Bug report received and forwarded. Copy sent to Debian Kernel Team <debian-kernel@lists.debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: kernel-source-2.4.27
Version: unavailable; reported 2005-05-12
Severity: grave
Tags: security patch
Paul Starzetz has found another flaw in the Linux kernel that can be exploited
to gain extended local privileges. Please see his detailed advisory at
http://isec.pl/vulnerabilities/isec-0023-coredump.txt
Greg Kroah-Hartman has posted a patch for 2.6, which should apply to 2.4 as
well. It's attached.
Cheers,
Moritz
-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux anton 2.4.29-univention.1 #1 SMP Thu Jan 27 17:08:46 CET 2005 i686
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro
[/home/jmm/CAN-2005-1263-kernel-local-privilege-escalation.patch (text/x-c, attachment)]
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Kernel Team <debian-kernel@lists.debian.org>:
Bug#308757; Package kernel-source-2.4.27.
(full text, mbox, link).
Acknowledgement sent to Horms <horms@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Kernel Team <debian-kernel@lists.debian.org>.
(full text, mbox, link).
Message #10 received at 308757@bugs.debian.org (full text, mbox, reply):
tag 308724 +pending
tag 308634 +pending
thanks
The fix for CAN-2005-1263 fix is now in SVN for 2.6.8 and I will add
it to 2.4.27 shortly.
--
Horms
Reply sent to muehlenhoff@univention.de (Moritz Mühlenhoff):
You have taken responsibility.
(full text, mbox, link).
Notification sent to Moritz Muehlenhoff <muehlenhoff@univention.de>:
Bug acknowledged by developer.
(full text, mbox, link).
Message #17 received at 308759-done@bugs.debian.org (full text, mbox, reply):
This bug can be closed. It has already been fixed as 308757 in
2.4.27-10.
Cheers,
Moritz
--
Moritz Muehlenhoff muehlenhoff@univention.de fon: +49 421 22 232- 0
Development Linux for Your Business fax: +49 421 22 232-99
Univention GmbH http://www.univention.de/ mobil: +49 175 22 999 23
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Tue Aug 14 22:44:26 2018;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.