CVE-2007-3848

Published: 14 August 2007

Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).

Priority

Unknown

Status

Package Release Status
linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-source-2.6.17
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-source-2.6.20
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-source-2.6.22
Launchpad, Ubuntu, Debian
Upstream Needs triage