Eugene Teo | 12 Mar 07:32 2010
Picon

CVE-2010-0729 kernel: ia64: ptrace: peek_or_poke requests miss ptrace_check_attach()

The "ia64: fix deadlock in ia64 sys_ptrace" patch (no reference as it's 
only added in our shipped kernels) moved ptrace_check_attach() from 
find_thread_for_addr() to tasklist-is-not-held area. However it 
introduced other problems.

One of the problems is security-relevant. In certain code path, it is 
possible that ptrace_check_attach() is not called, and the user can do 
ptrace() on any target even without PTRACH_ATTACH.

This only affects Red Hat Enterprise Linux 4.

https://bugzilla.redhat.com/CVE-2010-0729

Thanks, Eugene


Gmane