The regset (aka register set) feature in the Linux kernel prior to 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux 4.0 |
||
redhat enterprise mrg 2.0 |
||
suse linux enterprise server 11 |
||
suse linux enterprise desktop 11 |
||
suse linux enterprise high availability extension 11 |