Linux Kernel (Fedora 8/9) - 'utrace_control' Null Pointer Dereference Denial of Service

EDB-ID:

32451




Platform:

Linux

Date:

2008-10-02


source: https://www.securityfocus.com/bid/31536/info

Fedora 8 and 9 Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

Note that this issue does not affect upstream kernel versions. Only the following Fedora distributions are affected:

Fedora 8 prior to kernel-2.6.26.5-28
Fedora 9 prior to kernel-2.6.26.5-45

An attacker can exploit this issue with readily available tools.

The following 'gdb' command is sufficient to trigger a kernel crash:

gdb any_executable 1