Bug#323363: CAN-2005-2553: DoS in find_target() of ptrace32.c
tag 323363 +pending
thanks
On Tue, Aug 16, 2005 at 11:29:18AM +0200, Moritz Muehlenhoff wrote:
> Package: kernel-source-2.4.27
> Severity: important
> Tags: security patch
>
> CAN-2005-2553 describes the following DoS vulnerability:
>
> > The find_target function in ptrace32.c in the Linux kernel 2.4.x
> > before 2.4.29 does not properly handle a NULL return value from
> > another function, which allows local users to cause a denial of service
> > (kernel crash/oops) by running a 32-bit ltrace program with the
> > -i option on a 64-bit executable program.
>
> More information/patch:
>
> http://lkml.org/lkml/2005/1/5/245
> http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA
Thanks, as always. I have added this to SVN.
--
Horms
Reply to: