CVE-2008-1615

Priority
Medium
Description
Linux kernel 2.6.18, and possibly other versions, when running on AMD64
architectures, allows local users to cause a denial of service (crash) via
certain ptrace calls.
Ubuntu-Description
Jan Kratochvil discovered that PTRACE did not correctly handle certain
calls when running under 64bit kernels. A local attacker could exploit
this to crash the system, leading to a denial of service.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1615
http://www.ubuntu.com/usn/usn-625-1
Notes
 kees> reproducer mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=431430
 kees> this is _only_ the CS corruption, so we can ignore the upstream fix
Package
Source: linux-source-2.6.20 (LP Ubuntu Debian)
Upstream:released (2.6.25~rc1)
Package
Source: linux-source-2.6.15 (LP Ubuntu Debian)
Upstream:released (2.6.25~rc1)
Package
Source: linux-source-2.6.22 (LP Ubuntu Debian)
Upstream:released (2.6.25~rc1)
Patches:
Vendor:http://svn.debian.org/wsvn/kernel/dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-cs-corruption.patch?op=file&rev=0&sc=0
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.25~rc1)
Patches:
Diff:http://marc.info/?l=linux-kernel&m=120219781932243
Upstream:a57dae3aa4d00a000b5bac4238025438204c78b2 (with more in 3701d863?)
More Information

Updated: 2017-05-07 15:14:37 UTC (commit 12494)