Debian DSA-270-1 : linux-kernel-mips - local privilege escalation

high Nessus Plugin ID 15107

Synopsis

The remote Debian host is missing a security-related update.

Description

The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible.

This advisory only covers kernel packages for the big and little endian MIPS architectures. Other architectures will be covered by separate advisories.

Solution

Upgrade the kernel-images packages immediately.

For the stable distribution (woody) this problem has been fixed in version 2.4.17-0.020226.2.woody1 of kernel-patch-2.4.17-mips (mips+mipsel) and in version 2.4.19-0.020911.1.woody1 of kernel-patch-2.4.19-mips (mips only).

The old stable distribution (potato) is not affected by this problem for these architectures since mips and mipsel were first released with Debian GNU/Linux 3.0 (woody).

See Also

http://www.debian.org/security/2003/dsa-270

Plugin Details

Severity: High

ID: 15107

File Name: debian_DSA-270.nasl

Version: 1.22

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-mips, p-cpe:/a:debian:debian_linux:kernel-patch-2.4.19-mips, cpe:/o:debian:debian_linux:3.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/27/2003

Reference Information

CVE: CVE-2003-0127

BID: 7112

DSA: 270