Advisories:rPSA-2006-0122
rPath Security Advisory 2006-0122-2
Published: 2006-07-07
Updated
- 2006-07-13 Upgraded to Critical status with additional information
Products
- rPath Linux 1
Rating
- Critical
Exposure Level Classification
- Local Root Deterministic Privilege Escalation
Updated Versions
- kernel=conary.rpath.com@rpl:1/2.6.16.24-0.1-1
rPath Issue Tracking System
References
Description
- Previous versions of the kernel package have two specific vulnerabilities that are addressed in this version.
- The first vulnerability allows any local user to fill up file systems by causing core dumps to be written to directories to which they do not have write access permissions, and on most systems (including any system that provides a generally-accessible "cron" or "at" service) to escalate privileges and run arbitrary code as the root user. An exploit for this privilege escalation vulnerability is publicly available and in active use.
- The second vulnerability applies only to systems using the SCTP protocol, which is not enabled by default, and the tools required to configure it (lksctp-tools) are not included in rPath Linux. This vulnerability, which cannot apply to systems without lksctp-tools installed, enables a remote denial of service attack in which specially crafted packets can crash the system.
- A system reboot is required to make the update to resolve these vulnerabilities effective. rPath strongly recommends that all users apply this update.
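A post-update check for the reboot requirement above, as an added example that is not part of the rPath advisory: it compares the running kernel release, not the installed package, against the fixed upstream version 2.6.16.24 from the Updated Versions line. The function names and the sample release string in the comments are constructed, and the comparison is only meaningful for rPath Linux 1 kernels, since other distributions may backport fixes without changing the upstream version.

```shell
#!/bin/sh
# Fixed upstream kernel version, from the advisory's "Updated Versions" line.
FIXED_VERSION="2.6.16.24"

# version_ge A B: succeed when dotted numeric version A >= B.
# Fields are compared as integers, so 2.6.9 sorts below 2.6.16.
version_ge() {
    va=$1; vb=$2
    while [ -n "$va" ] || [ -n "$vb" ]; do
        fa=${va%%.*}; fb=${vb%%.*}
        case $va in *.*) va=${va#*.} ;; *) va= ;; esac
        case $vb in *.*) vb=${vb#*.} ;; *) vb= ;; esac
        fa=${fa:-0}; fb=${fb:-0}      # a missing field counts as 0
        if [ "$fa" -gt "$fb" ]; then return 0; fi
        if [ "$fa" -lt "$fb" ]; then return 1; fi
    done
    return 0
}

# kernel_status RELEASE: print fixed, outdated or unknown for a `uname -r`
# style string such as 2.6.16.24-0.1-1 (constructed sample).
kernel_status() {
    # Keep only the leading dotted-numeric part, dropping the package suffix.
    upstream=$(printf '%s\n' "$1" | sed 's/[^0-9.].*$//')
    case $upstream in
        [0-9]*) ;;
        *) echo unknown; return 0 ;;
    esac
    if version_ge "$upstream" "$FIXED_VERSION"; then
        echo fixed
    else
        echo outdated
    fi
}

# The update only takes effect after a reboot, so test the running kernel
# rather than the installed package.
echo "running kernel $(uname -r): $(kernel_status "$(uname -r)")"
```

A result of `outdated` on a host where the updated package is already installed means the reboot is still pending.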
Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html
