[wplug] Core Dump Vulnerability
Eric Cooper
ecc at cmu.edu
Thu May 12 16:23:31 EDT 2005
On Thu, May 12, 2005 at 03:03:09PM -0400, Brandon Kuczenski wrote:
> Anybody on here hear of this:
>
> http://www.securityfocus.com/archive/1/397966/2005-05-09/2005-05-15/0
>
> "A locally exploitable flaw has been found in the Linux ELF binary format
> loader's core dump function that allows local users to gain root
> privileges and also execute arbitrary code at kernel privilege level."
The 2.6.11.9 kernel released today on kernel.org fixes this.
--
Eric Cooper e c c @ c m u . e d u
More information about the wplug
mailing list