The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
Vulnerable Product |
---|
linux linux kernel 2.6.24 |
linux linux kernel |
opensuse opensuse 10.2 |
opensuse opensuse 10.3 |
suse linux enterprise software development kit 10 |
suse linux enterprise server 10 |
suse linux enterprise real time extension 10 |
suse linux enterprise desktop 10 |
redhat enterprise linux desktop 4.0 |
redhat enterprise linux server 4.0 |
redhat enterprise linux workstation 4.0 |
redhat enterprise linux eus 4.6 |
debian debian linux 3.1 |
debian debian linux 4.0 |
canonical ubuntu linux 7.04 |
canonical ubuntu linux 7.10 |
canonical ubuntu linux 6.10 |
canonical ubuntu linux 6.06 |