Changes
- A security fix from mainstream (updated to 2.6.16.24)
For the complete list of changes in this release, see git changelog for kernel 026test015.2.
Patches
diff-merge-2.6.16.24-20060714
Patch from mainstream
fix prctl privilege escalation and suid_dumpable (CVE-2006-2451)
Based on a patch from Ernie Petrides
During security research, Red Hat discovered a behavioral flaw in core dump handling. A local user could create a program that would cause a core file to be dumped into a directory they would not normally have permissions to write to. This could lead to a denial of service (disk consumption), or allow the local user to gain root privileges.