• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux Kernel PTrace CLONE_THREAD Local Denial of Service Vulnerability

Linux kernel is susceptible to a local denial-of-service vulnerability.

In instances where a process is created via the 'clone()' system call with the 'CLONE_THREAD' argument ptraced, the kernel fails to properly ensure that the ptracing process is not attempting to trace itself.

This issue allows local users to crash the kernel, denying service to legitimate users.

Kernel versions prior to 2.6.14.2 are vulnerable to this issue.