Download/kernel/2.6.16/026test015.2/changes

From OpenVZ Virtuozzo Containers Wiki
Jump to: navigation, search

Changes

  • A security fix from mainstream (updated to 2.6.16.24)

For the complete list of changes in this release, see git changelog for kernel 026test015.2.


Patches

diff-merge-2.6.16.24-20060714

Patch from mainstream

fix prctl privilege escalation and suid_dumpable (CVE-2006-2451)

Based on a patch from Ernie Petrides

During security research, Red Hat discovered a behavioral flaw in core dump handling. A local user could create a program that would cause a core file to be dumped into a directory they would not normally have permissions to write to. This could lead to a denial of service (disk consumption), or allow the local user to gain root privileges.