Security restrictions bypass in Linux kernel

1) Security restrictions bypass

EUVDB-ID: #VU99900

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2006-1052

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to perform service disruption.

The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.

Mitigation

Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

CPE2.3

• cpe:2.3:o:linux_foundation:linux_kernel:*:*:*:*:*:*:*:*

External links

https://marc.info/?l=git-commits-head&m=114210002712363&w=2
https://marc.info/?l=selinux&m=114226465106131&w=2
https://secunia.com/advisories/19955
https://secunia.com/advisories/20157
https://secunia.com/advisories/21465
https://secunia.com/advisories/22093
https://secunia.com/advisories/22417
https://selinuxnews.org/wp/index.php/2006/03/13/security-ptrace-bug-cve-2006-1052/
https://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
https://www.debian.org/security/2006/dsa-1184
https://www.mandriva.com/security/advisories?name=MDKSA-2006:086
https://www.osvdb.org/25232
https://www.redhat.com/support/errata/RHSA-2006-0575.html
https://www.securityfocus.com/bid/17830
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10102
https://usn.ubuntu.com/281-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.