'Re: [oss-security] CVE request: kernel: 'kill sig -1' must only apply'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: kernel: 'kill sig -1' must only apply
From:       Eugene Teo <eugene () redhat ! com>
Date:       2009-04-21 2:42:28
Message-ID: 49ED3294.80701 () redhat ! com
[Download RAW message or body]

Eugene Teo wrote:
> Eugene Teo wrote:
>> I came across this while reviewing some older upstream patches.
>>
>> Apparently, it was possible to run kill <sig> -1 to kill processes in
>> all PID namespaces, and break the isolation of namespaces. The expected
>> behaviour for this is to only kill processes in its own hierarchy. The
>> fix uses task_pid_vnr() to check if the process is outside of the
>> caller's namespace before killing.
> 
> I am still able to reproduce the problem even after applying this
> upstream patch (commit d25141a8). I'm still figuring out what other

Ok, you will need to make sure you have commit 44c4e1b2 too. I have
tested this on 2.6.24.7 with these two patches, and the problem is fixed.

https://bugzilla.redhat.com/show_bug.cgi?id=496031#c14

Thanks, Eugene
-- 
Eugene Teo / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic