CVE-2007-6206
Published: 4 December 2007
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
Priority
Status
Package | Release | Status |
---|---|---|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
upstream |
Needed
|
dapper |
Released
(2.6.15-51.66)
|
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
gutsy |
Does not exist
|
|
linux-source-2.6.17 Launchpad, Ubuntu, Debian |
upstream |
Needed
|
dapper |
Does not exist
|
|
edgy |
Released
(2.6.17.1-12.43)
|
|
feisty |
Does not exist
|
|
gutsy |
Does not exist
|
|
linux-source-2.6.20 Launchpad, Ubuntu, Debian |
upstream |
Needed
|
dapper |
Does not exist
|
|
edgy |
Does not exist
|
|
feisty |
Released
(2.6.20-16.34)
|
|
gutsy |
Does not exist
|
|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
upstream |
Needed
|
dapper |
Does not exist
|
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
gutsy |
Released
(2.6.22-14.51)
|
|
linux Launchpad, Ubuntu, Debian |
upstream |
Released
(2.6.24)
|
dapper |
Does not exist
|
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
gutsy |
Does not exist
|