Linux Security Modules Process Capabilities Design Error Vulnerability
BID:12093
Info
Linux Security Modules Process Capabilities Design Error Vulnerability
| Bugtraq ID: | 12093 |
| Class: | Design Error |
| CVE: |
CVE-2004-1337 |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 23 2004 12:00AM |
| Updated: | Jul 12 2009 09:26AM |
| Credit: | Discovered by LiangBin <[email protected]>. |
| Vulnerable: |
Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 Mandriva Linux Mandrake 10.1 x86_64 Mandriva Linux Mandrake 10.1 Linux Security Modules LSM1 |
| Not Vulnerable: | |
Discussion
Linux Security Modules Process Capabilities Design Error Vulnerability
It has been reported that Linux Security Modules suffers from a design error that could result in host compromise. According to the report, when LSM is loaded as a kernel module, existing processes on the system will be granted unauthorized capabilities. This includes non-root processes. A malicious user on the system at this time will have effectively gained administrative access.
Reported affected are versions of LSM for Linux kernels 2.5.x and 2.6.x. LSM on Linux 2.4.x is reportedly not vulnerable.
It has been reported that Linux Security Modules suffers from a design error that could result in host compromise. According to the report, when LSM is loaded as a kernel module, existing processes on the system will be granted unauthorized capabilities. This includes non-root processes. A malicious user on the system at this time will have effectively gained administrative access.
Reported affected are versions of LSM for Linux kernels 2.5.x and 2.6.x. LSM on Linux 2.4.x is reportedly not vulnerable.
Exploit / POC
Linux Security Modules Process Capabilities Design Error Vulnerability
There is no exploit code required.
There is no exploit code required.
Solution / Fix
Linux Security Modules Process Capabilities Design Error Vulnerability
Solution:
An unofficial source code modification has been made available. See reference section. It has not been verified by Symantec.
Conectiva has released a security advisory (CLA-2005:930) and fixes to address this and other issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.
Ubuntu has released an advisory called USN-57-1 to address this, and other issues for Ubuntu Linux. Please see the referenced advisory for further information.
Mandriva Linux has released advisory MDKSA-2005:110 addressing this issue. Please see the referenced advisory for further information.
Solution:
An unofficial source code modification has been made available. See reference section. It has not been verified by Symantec.
Conectiva has released a security advisory (CLA-2005:930) and fixes to address this and other issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.
Ubuntu has released an advisory called USN-57-1 to address this, and other issues for Ubuntu Linux. Please see the referenced advisory for further information.
Mandriva Linux has released advisory MDKSA-2005:110 addressing this issue. Please see the referenced advisory for further information.
References
Linux Security Modules Process Capabilities Design Error Vulnerability
References:
References:
- Linux Security Modules Homepage (Linux Security Modules)
- Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation (flashsky fangxing
)