← back
CVE-2009-1338

CVE-2009-1338

EPSS 0.4%
The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d25141a818383b3c3b09f065698c544a7a0ec6e7http://lkml.org/lkml/2008/7/23/148https://bugzilla.redhat.com/show_bug.cgi?id=496031http://secunia.com/advisories/34981http://secunia.com/advisories/35120http://secunia.com/advisories/35121http://secunia.com/advisories/35343http://secunia.com/advisories/35656https://exchange.xforce.ibmcloud.com/vulnerabilities/50386http://wiki.rpath.com/Advisories:rPSA-2009-0084http://www.debian.org/security/2009/dsa-1787http://www.debian.org/security/2009/dsa-1800