
Vulnerability found in the Linux kernel ptrace subsystem
A vulnerability, CVE-2014-4699, has been identified in the implementation of the ptrace system call. It makes it possible to escalate privileges on the system or cause a kernel panic. The vulnerability manifests only on the x86_64 architecture, and only on some models of Intel processors. The problem is present starting with kernel 2.6.17, but the exploitation technique may vary between releases. A working exploit prototype has been published for checking whether a system is vulnerable. Attention: test only on virtual machines :)
The problem is caused by the lack of validation of the RIP register in the ptrace API, which under certain circumstances can lead to an incorrect return address being restored when the 'sysret' instruction is used. The vulnerability has already been fixed in Linux kernel releases 3.15.4, 3.14.11, 3.4.97, and 3.10.47. Among distributions, Debian, Ubuntu, and Arch Linux have released updates. There is no data for other distributions.
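To check a host against the fix releases listed above, the following sketch (an added example, not part of the original article or the published exploit prototype) classifies a kernel release string. The function names and status labels are assumptions of this example; branches the article does not list report `unknown`, and a distribution kernel that backports the fix can still report `pre-fix`.

```shell
#!/bin/sh
# Added example: classify a kernel release against the fix releases named in
# the article (3.15.4, 3.14.11, 3.10.47, 3.4.97; bug present from 2.6.17).
# "pre-fix" means "older than the upstream fix for this branch": distribution
# kernels often backport fixes, so confirm against the vendor advisory.

# ver_num X.Y.Z[-suffix] -> single integer usable with -ge / -lt
ver_num() {
    v=${1%%[-+_]*}                 # drop distro suffix: 3.10.0-123.el7 -> 3.10.0
    old_ifs=$IFS; IFS=.
    set -- $v                      # split on dots into $1 $2 $3
    IFS=$old_ifs
    p=${3:-0}; p=${p%%[!0-9]*}     # keep only leading digits of the patch level
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${p:-0} ))
}

# classify_kernel ARCH RELEASE -> not-affected | fixed | pre-fix | unknown
classify_kernel() {
    arch=$1 rel=$2
    # The article states the issue shows only on x86_64 (some Intel CPUs).
    [ "$arch" = "x86_64" ] || { echo "not-affected"; return; }
    n=$(ver_num "$rel")
    # Kernels older than 2.6.17 predate the problem according to the article.
    [ "$n" -ge "$(ver_num 2.6.17)" ] || { echo "not-affected"; return; }
    base=${rel%%[-+_]*}
    case $base in
        3.15|3.15.*) fix=3.15.4 ;;
        3.14|3.14.*) fix=3.14.11 ;;
        3.10|3.10.*) fix=3.10.47 ;;
        3.4|3.4.*)   fix=3.4.97 ;;
        *) echo "unknown"; return ;;   # no fix release given for this branch
    esac
    if [ "$n" -ge "$(ver_num "$fix")" ]; then
        echo "fixed"
    else
        echo "pre-fix"
    fi
}

# Report for the running host.
echo "$(uname -r) on $(uname -m): $(classify_kernel "$(uname -m)" "$(uname -r)")"
```
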