Date: Wed, 15 Dec 2010 20:59:56 +0800
From: Eugene Teo <eugeneteo@...nel.org>
To: oss-security@...ts.openwall.com
CC: Marcus Meissner <meissner@...e.de>, stable@...nel.org
Subject: Re: CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method

On 12/15/2010 07:00 PM, Marcus Meissner wrote:
> Hi,
>
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;h=ed3aada1bf34c5a9e98af167f125f8a740fc726a
>
> changes /sys/kernel/debug/acpi/custom_method from -w--w--w- to -w-------.
>
> This custom_method file allows injecting custom ACPI methods into the
> ACPI interpreter tables.
>
> This control file was introduced with world writeable permissions
> in Linux Kernel 2.6.33.
>
> Fix is in 2.6.37rc and the 2.6.36.2 stable release so far.
>
> I would say that privilege escalation is possible.

Please use CVE-2010-4347.

Eugene
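
An added example, not part of the original thread: a shell audit for the permission problem described above. It reports whether acpi/custom_method under a debugfs root is writable by group or other, and also covers the general case by listing any other file under that root with the same exposure. The function names are hypothetical, and the default root /sys/kernel/debug is taken from the path in the message.

```shell
#!/bin/sh
# Audit helpers for the custom_method permission issue (added example).
# Function names are hypothetical. Run as root on a real system: debugfs
# is often readable by root only, in which case the file looks absent.

# check_custom_method [DEBUGFS_ROOT]
# Returns 0 if the file is absent or writable by its owner only,
# 1 if group or other has write permission (the pre-fix -w--w--w- state).
check_custom_method() {
    root=${1:-/sys/kernel/debug}
    f="$root/acpi/custom_method"
    if [ ! -e "$f" ]; then
        echo "absent: $f (debugfs not mounted, not visible, or not built)"
        return 0
    fi
    # -perm -020 / -perm -002 match the group and other write bits.
    if [ -n "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "EXPOSED: $f is writable by group or other"
        return 1
    fi
    echo "ok: $f is not writable by group or other"
    return 0
}

# list_exposed [DEBUGFS_ROOT]
# Prints every regular file under the root that group or other can write.
list_exposed() {
    root=${1:-/sys/kernel/debug}
    find "$root" -type f \( -perm -020 -o -perm -002 \) -print 2>/dev/null
}

# Usage (as root):
#   check_custom_method || echo "update the kernel or unmount debugfs"
#   list_exposed
```

On a kernel carrying the fix the file mode is -w------- and the check returns 0.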
