Linux Kernel ELF Core Dump Local Buffer Overflow Vulnerability

The Linux kernel is susceptible to a local buffer-overflow vulnerability when attempting to create ELF coredumps. This issue is due to an integer-overflow flaw that results in a kernel buffer overflow during a 'copy_from_user()' call.

To exploit this vulnerability, an attacker crafts an ELF executable that causes the 'len' variable in 'elf_core_dump()' to become negative.
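
The flaw class described above, as a user-space C model added here for illustration (it is not the kernel's code and not part of the original advisory): a signed 'len' checked only against an upper bound, next to a hardened version. `PSARGS_MAX`, the function names and the sample address ranges are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

#define PSARGS_MAX 80 /* assumed destination buffer size (hypothetical) */

/* Flawed pattern: the length is a signed int and only its upper bound is
 * checked. Returns the byte count that would reach the copy routine. */
size_t flawed_copy_len(unsigned long start, unsigned long end)
{
    /* end < start wraps; the narrowing cast yields a negative int
     * (implementation-defined, modulo 2^32 on gcc and clang) */
    int len = (int)(end - start);
    if (len >= PSARGS_MAX)
        len = PSARGS_MAX - 1;   /* a negative len passes this check */
    return (size_t)len;         /* and becomes a huge unsigned count */
}

/* Hardened pattern: reject an inverted range, keep the length unsigned,
 * then clamp. Returns 0 and sets *out, or -1 without touching *out. */
int checked_copy_len(unsigned long start, unsigned long end, size_t *out)
{
    if (end < start)
        return -1;
    size_t len = end - start;
    if (len >= PSARGS_MAX)
        len = PSARGS_MAX - 1;
    *out = len;
    return 0;
}

int main(void)
{
    /* constructed sample ranges: normal, oversized, inverted */
    unsigned long r[3][2] = {{0x1000, 0x1010}, {0x1000, 0x2000}, {0x2000, 0x1000}};
    for (int i = 0; i < 3; i++) {
        size_t safe = 0;
        int rc = checked_copy_len(r[i][0], r[i][1], &safe);
        printf("flawed=%zu checked rc=%d len=%zu\n",
               flawed_copy_len(r[i][0], r[i][1]), rc, safe);
    }
    return 0;
}
```

The inverted range is the case to watch: the flawed function returns a count far larger than the buffer, while the checked one refuses the range before any copy would happen.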

Local users may exploit this vulnerability to execute arbitrary machine code in the context of the kernel, facilitating privilege escalation.

Update: This vulnerability does not exist in the 2.6 kernel tree.


 

Copyright 2010, SecurityFocus