[CVE-2007-5500] [linux-source] possible DoS in ptrace attach logic
Bug #173849 reported by
disabled.user
This bug report is a duplicate of:
Bug #161795: waitid (..., WNOWAIT) spins or hangs the kernel inside sys_waitid if the queued event is from ptrace.
Edit
Remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-meta (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: linux-source
References:
[1] CVE-2007-5500 (http://
[2] SUSE-SA:2007:063
Quoting [1]:
"The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information."
Quoting [2]:
"A buggy condition in the ptrace attach logic can be used by local attackers to hang the machine."
CVE References
To post a comment you must log in.
See also: www.debian. org/security/ 2007/dsa- 1428)
DSA-1428-1 (http://