Your submission was sent successfully! Close

CVE-2007-6206

Published: 4 December 2007

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Does not exist

feisty Does not exist

gutsy Does not exist

upstream
Released (2.6.24)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-51.66)
edgy Does not exist

feisty Does not exist

gutsy Does not exist

upstream Needed

linux-source-2.6.17
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy
Released (2.6.17.1-12.43)
feisty Does not exist

gutsy Does not exist

upstream Needed

linux-source-2.6.20
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Does not exist

feisty
Released (2.6.20-16.34)
gutsy Does not exist

upstream Needed

linux-source-2.6.22
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Does not exist

feisty Does not exist

gutsy
Released (2.6.22-14.51)
upstream Needed