The RBAC functionality in grsecurity prior to 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
grsecurity grsecurity kernel patch 2.6.24.4 |
||
grsecurity grsecurity kernel patch 2.4.33 |
||
grsecurity grsecurity kernel patch 2.4.33.2 |
||
grsecurity grsecurity kernel patch 2.4.33.3 |
||
grsecurity grsecurity kernel patch 2.4.33.4 |
||
grsecurity grsecurity kernel patch 2.4.34 |
||
grsecurity grsecurity kernel patch 2.6.18 |