PublicDate: 2007-12-04 00:46:00 UTC
Candidate: CVE-2007-6206
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206
 https://ubuntu.com/security/notices/USN-574-1
 https://ubuntu.com/security/notices/USN-578-1
Description:
 The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to
 2.6.24-rc3, and possibly other versions, does not change the UID of a core
 dump file if it exists before a root process creates a core dump in the
 same location, which might allow local users to obtain sensitive
 information.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/180294
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

upstream_linux-source-2.6.15: needed
dapper_linux-source-2.6.15: released (2.6.15-51.66)
edgy_linux-source-2.6.15: DNE
feisty_linux-source-2.6.15: DNE
gutsy_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

upstream_linux-source-2.6.17: needed
dapper_linux-source-2.6.17: DNE
edgy_linux-source-2.6.17: released (2.6.17.1-12.43)
feisty_linux-source-2.6.17: DNE
gutsy_linux-source-2.6.17: DNE
devel_linux-source-2.6.17: DNE

upstream_linux-source-2.6.20: needed
dapper_linux-source-2.6.20: DNE
edgy_linux-source-2.6.20: DNE
feisty_linux-source-2.6.20: released (2.6.20-16.34)
gutsy_linux-source-2.6.20: DNE
devel_linux-source-2.6.20: DNE

upstream_linux-source-2.6.22: needed
dapper_linux-source-2.6.22: DNE
edgy_linux-source-2.6.22: DNE
feisty_linux-source-2.6.22: DNE
gutsy_linux-source-2.6.22: released (2.6.22-14.51)
devel_linux-source-2.6.22: DNE

upstream_linux: released (2.6.24)
dapper_linux: DNE
edgy_linux: DNE
feisty_linux: DNE
gutsy_linux: DNE
devel_linux: not-affected (2.6.24-4.7)