oss-sec mailing list archives
Re: CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace
From: Eugene Teo <eugene () redhat com>
Date: Tue, 21 Apr 2009 10:42:28 +0800
Eugene Teo wrote:
Eugene Teo wrote:I came across this while reviewing some older upstream patches. Apparently, it was possible to run kill <sig> -1 to kill processes in all PID namespaces, and break the isolation of namespaces. The expected behaviour for this is to only kill processes in its own hierarchy. The fix uses task_pid_vnr() to check if the process is outside of the caller's namespace before killing.I am still able to reproduce the problem even after applying this upstream patch (commit d25141a8). I'm still figuring out what other
Ok, you will need to make sure you have commit 44c4e1b2 too. I have tested this on 2.6.24.7 with these two patches, and the problem is fixed. https://bugzilla.redhat.com/show_bug.cgi?id=496031#c14 Thanks, Eugene -- Eugene Teo / Red Hat Security Response Team
Current thread:
- CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace Eugene Teo (Apr 16)
- Re: CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace Eugene Teo (Apr 17)
- Re: CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace Eugene Teo (Apr 20)
- Re: CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace Steven M. Christey (Apr 17)
- Re: CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace Eugene Teo (Apr 17)