Linux Kernel PTraced Child Auto-Reap Local Denial of Service Vulnerability

Linux kernel is prone to a local denial-of-service vulnerability. The kernel improperly auto-reaps processes when they are being ptraced, leading to an invalid pointer. Further operations on this pointer result in a kernel crash.

This issue allows local users to crash the kernel, denying service to legitimate users.

A complete compromise of the affected computer has also been reported, but this has not been confirmed.

Kernel versions prior to 2.6.15 are vulnerable to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus