Overview
Unprivileged local users can use the ptrace function to take advantage of a privileged program, while that program is performing a privileged operation, to gain privileged access.
Description
Ptrace is a function, which is often used for debugging, that allows one process to attach to another and monitor or modify its execution state and memory. This vulnerability exploits a race condition that allows an attacker to use ptrace, or similar function (procfs), to attach to and, thus, modify a running setuid process. This enables the attacker to execute arbitratry code with elevated (root) privilege. Linux kernel version 2.2.18 or before are vulnerable to this flaw. Any Linux product that is dependent on this kernel is, therefore, vulnerable. |
Impact
Unprivileged local users can gain privileged (root) access. |
Solution
Upgrade the Linux kernel to version 2.2.19 or later. The release notes for Linux 2.2.19 at http://www.linux.org.uk/VERSION/relnotes.2219.html describe the security fix. For users of specific Linux vendors, use the vendor-specific upgrades for convenience and consistency. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Wojciech Purczynski for discovering this vulnerability.
This document was written by Andrew P. Moore.
Other Information
| CVE IDs: | CVE-2001-0317 |
| Severity Metric: | 25.99 |
| Date Public: | 2001-03-26 |
| Date First Published: | 2001-07-18 |
| Date Last Updated: | 2002-05-20 15:54 UTC |
| Document Revision: | 29 |