Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2008-1294

Published: 2 May 2008

Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits.

Notes

AuthorNote
kees
linux-2.6: 9926e4c74300c4b31dee007298c6475d33369df0
for pre-2.6.17 kernels, the two prior RLIMIT_CPU fixes are needed:
ec9e16bacdba1da1ee15dd162384e22df5c87e09
e0661111e5441995f7a69dc4336c9f131cb9bc58

Priority

Low

Status

Package Release Status
linux-source-2.6.15
Launchpad, Ubuntu, Debian
upstream Needs triage

dapper
Released (2.6.15-52.67)
feisty Does not exist

gutsy Does not exist

hardy Does not exist

linux-source-2.6.20
Launchpad, Ubuntu, Debian
upstream Needs triage

dapper Does not exist

feisty
Released (2.6.20-17.36)
gutsy Does not exist

hardy Does not exist

linux-source-2.6.22
Launchpad, Ubuntu, Debian
upstream Needs triage

dapper Does not exist

feisty Does not exist

gutsy Not vulnerable

hardy Does not exist

linux
Launchpad, Ubuntu, Debian
upstream Needs triage

dapper Does not exist

feisty Does not exist

gutsy Does not exist

hardy Not vulnerable