Your submission was sent successfully! Close

CVE-2009-1338

Published: 22 April 2009

The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (2.6.24-24.55)
intrepid
Released (2.6.27-12.28)
jaunty Not vulnerable

upstream Needs triage

linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper Not vulnerable

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

upstream Needs triage