Bugtraq mailing list archives
Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities
From: Paul Starzetz <paul () starzetz de>
Date: Thu, 06 Jul 2006 13:13:20 +0200
security () mandriva com wrote:
This information is not fully correct - CVE-2005-3784 leads to an IMMEDIATE root compromise of vulnerable machines. But I'm not going to provide a PoC :-]Prior to 2.6.15, the auto-reap child processes included processes with ptrace attached, leading to a dangling ptrace reference and allowinglocal users to cause a Denial of Service (crash) (CVE-2005-3784).
with best regards Paul Starzetz
Current thread:
- [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities security (Jul 05)
- Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities Paul Starzetz (Jul 10)