Bug#378324: local root hole (race condition in /proc)

To: Robert Millan <rmh@aybabtu.com>
Cc: 378324@bugs.debian.org
Subject: Bug#378324: local root hole (race condition in /proc)
From: Florian Weimer <fw@deneb.enyo.de>
Date: Sat, 15 Jul 2006 16:05:33 +0200
Message-id: <[🔎] 877j2fc6aa.fsf@mid.deneb.enyo.de>
Reply-to: Florian Weimer <fw@deneb.enyo.de>, 378324@bugs.debian.org
In-reply-to: <[🔎] E1G1hfX-00082q-0b@aybabtu.com> (Robert Millan's message of "Sat, 15 Jul 2006 12:46:42 +0200")
References: <[🔎] E1G1hfX-00082q-0b@aybabtu.com>

* Robert Millan:

> The linux-2.6 packages in unstable are not affected (since they
> don't include a.out support).

That's not correct, the vulnerability is present even if a.out support
is disabled.  It's only one published exploit that requires a.out
support.

Reply to:

References:
- Bug#378324: local root hole (race condition in /proc)
  - From: Robert Millan <rmh@aybabtu.com>

Prev by Date: Bug#378344: initramfs-tools: Should be able to force root device for update-initramfs
Next by Date: Processing of linux-2.6.16_2.6.16-17_powerpc.changes
Previous by thread: Bug#378324: local root hole (race condition in /proc)
Next by thread: Bug#378324: marked as done (local root hole (race condition in /proc))
Index(es):
- Date
- Thread