Updated kernel packages fix the AMD64 ptrace vulnerability — GLSA 200402-06

A vulnerability has been discovered by in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges.

Affected Packages

sys-kernel/ck-sources on the amd64 architecture
Affected versions < 2.6.2
Unaffected versions >= 2.6.2
sys-kernel/development-sources on the amd64 architecture
Affected versions < 2.6.2
Unaffected versions >= 2.6.2
sys-kernel/gentoo-dev-sources on the amd64 architecture
Affected versions < 2.6.2
Unaffected versions >= 2.6.2
sys-kernel/gentoo-sources on the amd64 architecture
Affected versions < 2.4.22-r6
Unaffected versions >= 2.4.22-r6
sys-kernel/gentoo-test-sources on the amd64 architecture
Affected versions < 2.6.2
Unaffected versions >= 2.6.2-r1
sys-kernel/gs-sources on the amd64 architecture
Affected versions < 2.4.25_pre7-r1
Unaffected versions >= 2.4.25_pre7-r1
sys-kernel/vanilla-prepatch-sources on the amd64 architecture
Affected versions < 2.4.25_rc3
Unaffected versions >= 2.4.25_rc3
sys-kernel/vanilla-sources on the amd64 architecture
Affected versions < 2.4.24-r1
Unaffected versions >= 2.4.24-r1

Background

Description

A vulnerability has been discovered by Andi Kleen in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges. The Common Vulnerabilities and Exposures project, http://cve.mitre.org, has assigned CAN-2004-0001 to this issue.

Impact

Only users of the AMD64 platform are affected: in this scenario, a user may be able to obtain elevated priveleges, including root access. However, no public exploit is known for the vulnerability at this time.

Workaround

There is no temporary workaround - a kernel upgrade is required. A list of unaffected kernels is provided along with this announcement.

Resolution

Users are encouraged to upgrade to the latest available sources for their system:

 # emerge sync
 # emerge -pv your-favourite-sources
 # emerge your-favourite-sources
 # # Follow usual procedure for compiling and installing a kernel.
 # # If you use genkernel, run genkernel as you would do normally.
 
 # # IF YOUR KERNEL IS MARKED as "remerge required!" THEN
 # # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE
 # # REPORTS THAT THE SAME VERSION IS INSTALLED.
 

References

Release Date
February 17, 2004

Latest Revision
February 17, 2004: 01

Severity
normal

Exploitable
local

Bugzilla entries