oss-security - CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [day] [month] [year] [list]

Message-ID: <4A80E2B8.2090709@redhat.com>
Date: Tue, 11 Aug 2009 11:17:12 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>, Kees Cook <kees@...ntu.com>
Subject: CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid
 ELF loading

Steve Beattie and Kees Cook noticed that the /proc/$pid/maps and smaps
files are readable during ELF loading for processes that a user should
not normally be able to see (for example, when launching a setuid process).

I have assigned this with CVE-2009-2691.

Upstream commits:
http://git.kernel.org/linus/13f0feafa6b8aead57a2a328e2fca6a5828bf286
http://git.kernel.org/linus/00f89d218523b9bf6b522349c039d5ac80aa536d
http://git.kernel.org/linus/704b836cbf19e885f8366bccb2e4b0474346c02d

References:
http://lkml.org/lkml/2009/6/23/652
http://lkml.org/lkml/2009/6/23/653
http://marc.info/?l=linux-kernel&m=124718946021193
http://marc.info/?l=linux-kernel&m=124718949821250
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2691

Thanks, Eugene

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.