CVE-2007-3848
CVE-2007-3848
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-3848http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.htmlhttp://marc.info/?l=bugtraq&m=118711306802632&w=2http://marc.info/?l=openwall-announce&m=118710356812637&w=2http://secunia.com/advisories/26450http://secunia.com/advisories/26500http://secunia.com/advisories/26643http://secunia.com/advisories/26651http://secunia.com/advisories/26664http://secunia.com/advisories/27212http://secunia.com/advisories/27227