GLSA 200402-06: Updated kernel packages fix the AMD64 ptrace vulnerability

Severity:normal
Title:Updated kernel packages fix the AMD64 ptrace vulnerability
Date:02/17/2004
Bugs:
ID:200402-06

Synopsis

A vulnerability has been discovered by in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges.

Background

Affected packages

Package Vulnerable Unaffected Architecture(s)
sys-kernel/ck-sources < 2.6.2 >= 2.6.2 amd64
sys-kernel/development-sources < 2.6.2 >= 2.6.2 amd64
sys-kernel/gentoo-dev-sources < 2.6.2 >= 2.6.2 amd64
sys-kernel/gentoo-sources < 2.4.22-r6 >= 2.4.22-r6 amd64
sys-kernel/gentoo-test-sources < 2.6.2 >= 2.6.2-r1 amd64
sys-kernel/gs-sources < 2.4.25_pre7-r1 >= 2.4.25_pre7-r1 amd64
sys-kernel/vanilla-prepatch-sources < 2.4.25_rc3 >= 2.4.25_rc3 amd64
sys-kernel/vanilla-sources < 2.4.24-r1 >= 2.4.24-r1 amd64

Description

A vulnerability has been discovered by Andi Kleen in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges. The Common Vulnerabilities and Exposures project, http://cve.mitre.org, has assigned CAN-2004-0001 to this issue.

Impact

Only users of the AMD64 platform are affected: in this scenario, a user may be able to obtain elevated priveleges, including root access. However, no public exploit is known for the vulnerability at this time.

Workaround

There is no temporary workaround - a kernel upgrade is required. A list of unaffected kernels is provided along with this announcement.

Resolution

Users are encouraged to upgrade to the latest available sources for their system:

    # emerge sync
    # emerge -pv your-favourite-sources
    # emerge your-favourite-sources
    # # Follow usual procedure for compiling and installing a kernel.
    # # If you use genkernel, run genkernel as you would do normally.
    
# # IF YOUR KERNEL IS MARKED as "remerge required!" THEN # # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE # # REPORTS THAT THE SAME VERSION IS INSTALLED.

References

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200402-06.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

Thank you!