CVE-2009-1337 (retired)

Priority
Description
The exit_notify function in kernel/exit.c in the Linux kernel before
2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is
held, which allows local users to send an arbitrary signal to a process by
running a program that modifies the exit_signal field and then uses an exec
system call to launch a setuid application.
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:47:44 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)