Fedora RedHat Vulnerabilty Released

Published: 2013-02-16. Last Updated: 2013-02-16 23:22:44 UTC
by Lorna Hutcheson (Version: 1)
3 comment(s)

RedHat released a vulnerability today impacting PTRACE_SETREGS.  The release simply states: "A race conditon in ptrace can lead to kernel stack corruption and arbitrary kernel-mode code execution. A local unprivileged user could use this flaw to elavate his privileges."  It is being tracked as CVE-2013-0871.  A PoC was also posted at http://seclists.org/oss-sec/2013/q1/326.  According to the advisory, it impacts all Fedora versions.

Keywords: Fedora race condition Remote Code Execution
3 comment(s)

Comments

Why only Fedora? Many Linux's and Unix's have ptrace - why are they not affected also?

Bob Hill

Feb 17th 2013
1 decade ago

> Why only Fedora? Many Linux's and Unix's have ptrace ...

The announcement was made by RedHat, for their Fedora product. They can only speak for themselves. Do you expect Microsoft's security announcements to refer to Apple's OS?

> why are they not affected also?

Maybe they are ?!

Whose has the responsibility for testing each reported problem on each available variant of Linus' open-source software? Linus Torvald? All the contributors and/or users of Linux, who can independently view and openly review the source-code?

Melvin

Feb 18th 2013
1 decade ago

On RHEL6.3/SL6.3, as root, the ptrace_death program locks the system up (CPU exhaustion). It is denied permission to run if executed as a non-root user program on a secure system. On RHEL5.8, it runs but does not success when run by root or by a non-root user. Unfortunately, my RHEL5.8 system has not been patched to 5.9. I can't say anything about Fedora at this time. So, the worst for now appears to be that it renders a RHEL6.3 system useless if executed by root.

Red Hat Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=911937

jbmoore

Feb 18th 2013
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives