oss-sec mailing list archives

Re: CVE-2008-2365 kernel: ptrace: Crash on PTRACE_{ATTACH,DETACH} race -- affecting kernel versions <= 2.6.25

From: Marcus Meissner <meissner () suse de>
Date: Mon, 14 Jul 2008 16:47:23 +0200

On Thu, Jun 26, 2008 at 04:53:38PM +0200, Jan Lieskovsky wrote:

Hello guys,

  wanted to inform you about recently discovered utrace/ptrace
attach and detach race condition affecting Linux kernel from versions
2.6.9 up to the upstream one (< 2.6.25).
The upstream Linux kernel version got already patched with the following
three patches, which resolve this issue:

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commit;h=5ecfbae093f0c37311e89b29bfc0c9d586eace87
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commit;h=f5b40e363ad6041a96e3da32281d8faa191597b9
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commit;h=f358166a9405e4f1d8e50d8f415c26d95505b6de


Jan, these patches are from 2006 and were even fixed in a 2.6.16.x stable release...
and the code was rewritten in 2.6.17 as far as I can see.

So is 2.6.25 really the upper bound?

Ciao, Marcus

Current thread:

Re: CVE-2008-2365 kernel: ptrace: Crash on PTRACE_{ATTACH,DETACH} race -- affecting kernel versions <= 2.6.25 Marcus Meissner (Jul 14)