CVE-2008-1615

Priority
Medium
Description
Linux kernel 2.6.18, and possibly other versions, when running on AMD64
architectures, allows local users to cause a denial of service (crash) via
certain ptrace calls.
Ubuntu-Description
Jan Kratochvil discovered that PTRACE did not correctly handle certain
calls when running under 64bit kernels. A local attacker could exploit
this to crash the system, leading to a denial of service.
References
Notes
kees> reproducer mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=431430
kees> this is _only_ the CS corruption, so we can ignore the upstream fix
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Patches:
Vendor:http://svn.debian.org/wsvn/kernel/dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-cs-corruption.patch?op=file&rev=0&sc=0
Package
Source: linux (LP Ubuntu Debian)
Upstream:released
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-19.36)
Patches:
Diff:http://marc.info/?l=linux-kernel&m=120219781932243
Upstream:a57dae3aa4d00a000b5bac4238025438204c78b2 (with more in 3701d863?)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:43 UTC (commit 5347)