Commit Details
Repository
git://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/linux-2.4.git
master
by
Willy Tarreau
on
2007-12-09 22:03
(10 months ago)
[PATCH] prevent SIGCONT from waking up a PTRACED process (CVE-2007-4774)
Tavis Ormandy discovered that it was possible to bypass systrace policies
by flooding the ptraced process with SIGCONT signals. The same is possible
with SIGKILL, but obviously the attacker has to finely adjust its target
as it can only shoot once.
This issue was assigned identifier CVE-2007-4774.
The following patch fixes the SIGCONT case and adds some documentation for
authors of monitoring programs such as systrace.
Signed-off-by: Willy Tarreau <...@1wt.eu>
Acked-by: Tavis Ormandy <taviso@sdf.lonestar.org>
Language Totals
| Language | Code Added | Code Removed | Comments Added | Comments Removed | Blanks Added | Blanks Removed | |
|---|---|---|---|---|---|---|---|
| C/C++ | 6 | 1 | 7 | 1 | 0 | 0 |
Files Changed
[2 total ]
| File | Language | Code Added | Code Removed | Comments Added | Comments Removed | Blanks Added | Blanks Removed |
|---|---|---|---|---|---|---|---|
Documentation/ptrace.txt
|
|||||||
kernel/signal.c
|
|||||||
| C/C++ | 6 | 1 | 7 | 1 | 0 | 0 | |