The ftrace implementation in the Linux kernel prior to 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux 6.0 |
||
redhat enterprise mrg 2.0 |
||
suse linux enterprise desktop 11 |
||
suse linux enterprise server 11 |
||
suse linux enterprise high availability extension 11 |