Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Fedora RedHat Vulnerabilty Released - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Fedora RedHat Vulnerabilty Released

RedHat released a vulnerability today impacting PTRACE_SETREGS.  The release simply states: "A race conditon in ptrace can lead to kernel stack corruption and arbitrary kernel-mode code execution. A local unprivileged user could use this flaw to elavate his privileges."  It is being tracked as CVE-2013-0871.  A PoC was also posted at http://seclists.org/oss-sec/2013/q1/326.  According to the advisory, it impacts all Fedora versions.

Lorna

152 Posts
ISC Handler
Why only Fedora? Many Linux's and Unix's have ptrace - why are they not affected also?
Anonymous

Posts
> Why only Fedora? Many Linux's and Unix's have ptrace ...

The announcement was made by RedHat, for their Fedora product. They can only speak for themselves. Do you expect Microsoft's security announcements to refer to Apple's OS?

> why are they not affected also?

Maybe they are ?!

Whose has the responsibility for testing each reported problem on each available variant of Linus' open-source software? Linus Torvald? All the contributors and/or users of Linux, who can independently view and openly review the source-code?

Anonymous

Posts
On RHEL6.3/SL6.3, as root, the ptrace_death program locks the system up (CPU exhaustion). It is denied permission to run if executed as a non-root user program on a secure system. On RHEL5.8, it runs but does not success when run by root or by a non-root user. Unfortunately, my RHEL5.8 system has not been patched to 5.9. I can't say anything about Fedora at this time. So, the worst for now appears to be that it renders a RHEL6.3 system useless if executed by root.

Red Hat Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=911937
jbmoore

11 Posts Posts

Sign Up for Free or Log In to start participating in the conversation!