Description
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
Products
- Linux Kernel 2.2
- Linux Kernel 2.2.10
- Linux Kernel 2.2.11
- Linux Kernel 2.2.12
- Linux Kernel 2.2.13
- Linux Kernel 2.2.13
- Linux Kernel 2.2.13 pre15
- Linux Kernel 2.2.14
- Linux Kernel 2.2.15
- Linux Kernel 2.2.15
- Linux Kernel 2.2.15 pre16
- Linux Kernel 2.2.16
- Linux Kernel 2.2.16
- Linux Kernel 2.2.16 pre5
- Linux Kernel 2.2.16 pre6
- Linux Kernel 2.2.17
- Linux Kernel 2.2.17
- Linux Kernel 2.2.17.14
- Linux Kernel 2.2.18
- Linux Kernel 2.2.19
- Linux Kernel 2.2.1
- Linux Kernel 2.2.2
- Linux Kernel 2.2.3
- Linux Kernel 2.2.4
- Linux Kernel 2.2.4
- Linux Kernel 2.2.4 rc1
- Linux Kernel 2.2.5
- Linux Kernel 2.2.6
- Linux Kernel 2.2.7
- Linux Kernel 2.2.8
- Linux Kernel 2.2.9
- Linux Kernel 2.4.10
- Linux Kernel 2.4.2
- Linux Kernel 2.4.3
- Linux Kernel 2.4.3
- Linux Kernel 2.4.3 pre3
- Linux Kernel 2.4.7
- Linux Kernel 2.4.8
- Linux Kernel 2.4.9
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2001-1384, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2001-1384 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References