Date: Wed, 15 Dec 2010 20:59:56 +0800 From: Eugene Teo <eugeneteo@...nel.org> To: oss-security@...ts.openwall.com CC: Marcus Meissner <meissner@...e.de>, stable@...nel.org Subject: Re: CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method On 12/15/2010 07:00 PM, Marcus Meissner wrote: > Hi, > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;h=ed3aada1bf34c5a9e98af167f125f8a740fc726a > > changes /sys/kernel/debug/acpi/custom_method from -w--w--w- to -w-------. > > This custom_method file allows to inject custom ACPI methods into the > ACPI interpreter tables. > > This control file was introduced with world writeable permissions > in Linux Kernel 2.6.33. > > Fix is in 2.6.37rc and the 220.127.116.11 stable release so far. > > I would say that privilege escalation is possible. Please use CVE-2010-4347. Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ