Bug#334113: [Secure-testing-team] kernel allows loadkeys to be used by any user, allowing for local root compromise

To: Horms <horms@verge.net.au>
Cc: linux-kernel@vger.kernel.org, security@kernel.org, secure-testing-team@lists.alioth.debian.org, 334113@bugs.debian.org, Rudolf Polzer <debian-ne@durchnull.de>, Alastair McKinstry <mckinstry@debian.org>, team@security.debian.org
Subject: Bug#334113: [Secure-testing-team] kernel allows loadkeys to be used by any user, allowing for local root compromise
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Tue, 18 Oct 2005 23:19:53 +0200
Message-id: <[🔎] 20051018211953.GA5374@informatik.uni-bremen.de>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 334113@bugs.debian.org
In-reply-to: <[🔎] 20051018044146.GF23462@verge.net.au>
References: <[🔎] E1EQofT-0001WP-00@master.debian.org> <[🔎] 20051018044146.GF23462@verge.net.au>

Horms wrote:
> > The non-suid command "loadkeys" can be used by any local user having
> > console access. It does not just apply to the current virtual console
> > but to all virtual consoles and its effect persists even after logout.

This has been assigned CAN-2005-3257.

Cheers,
        Moritz

Reply to:

References:
- Bug#334113: linux-image-2.6.12-1-powerpc: kernel allows loadkeys to be used by any user, allowing for local root compromise
  - From: Rudolf Polzer <debian-ne@durchnull.de>
- Bug#334113: kernel allows loadkeys to be used by any user, allowing for local root compromise
  - From: Horms <horms@verge.net.au>

Prev by Date: Bug#334113: kernel allows loadkeys to be used by any user, allowing for local root compromise
Next by Date: Re: Bug#333858: Proposed improved patch for yaird
Previous by thread: Bug#334113: kernel allows loadkeys to be used by any user, allowing for local root compromise
Next by thread: Bug#334123: linux-image-2.6.13-1-k7: 2.6.12 works OK, 2.6.13 doesn't
Index(es):
- Date
- Thread