Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Weakness

Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Weakness

References:

Bypassing Linux' NULL pointer dereference exploit prevention (mmap_min_addr) (Julien Tinnes)
CVE-2009-1895: Linux kernel PER_CLEAR_ON_SETID Personality Bypass (xorl)
Linux kernel Homepage (kernel.org)
personality: fix PER_CLEAR_ON_SETID (Julien Tinnes)
VMware ESX 3.5, Patch ESX350-201006401-SG: Updates VMkernel, VMware Tools, hostd (VMware)
VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release addre (VMware Security Team )
ASA-2009-450 (Avaya)
ASA-2009-508 kernel security and bug fix update (RHSA-2009-1550) (Avaya)
VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel (VMware)

Privacy Statement
Copyright 2010, SecurityFocus