CVE-2009-1338
Published: 22 April 2009
The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command.
Notes
Author | Note |
---|---|
smb | Dapper has no pid_namespace. |
Priority
Status
Package | Release | Status |
---|---|---|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Not vulnerable
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
linux Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Does not exist
|
|
hardy |
Released
(2.6.24-24.55)
|
|
intrepid |
Released
(2.6.27-12.28)
|
|
jaunty |
Not vulnerable
|