Описание
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 2.6.24-4.7 |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| upstream | released | 2.6.24 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.6.15-51.66 |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | released | 2.6.17.1-12.43 |
| feisty | DNE | |
| gutsy | DNE | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | DNE | |
| feisty | released | 2.6.20-16.34 |
| gutsy | DNE | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | released | 2.6.22-14.51 |
| upstream | needed |
Показывать по
EPSS
2.1 Low
CVSS2
Связанные уязвимости
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x ...
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
ELSA-2008-0089: Important: kernel security and bug fix update (IMPORTANT)
EPSS
2.1 Low
CVSS2