Bugzilla – Bug 132731
VUL-0: CVE-2005-3107: kernel: local dos related to ptrace and core dumping
Last modified: 2021-12-07 16:13:32 UTC
CVE-2005-3107 fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.
http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.11-rc1/2.6.11-rc1-mm1/broken-out/fix-coredump_wait-deadlock-with-ptracer-tracee-on-shared-mm.patch
http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c@1.155?nav=index.html|src/|src/fs|hist/fs/exec.c
Chris, this is in your team. Marcus, exactly what is the DoS condition here?
I am not fully clear what the "deadlock" means, if just the task deadlocks or the whole machine. If it is the latter, it is of course a DoS. A hanging around process is not nice and should be avoided, but this is not as necessary to fix in older products.
Gerd, please review and backport these patches as appropriate.
It's just the task which deadlocks and becomes unkillable due to that. The machine continues to run. This fix made it into 2.6.11 mainline, so it affects 9.1, 9.2 and sles9, right? So this is a WONTFIX according to comment #2?
Since an evil user can only shoot himself in the foot, the impact is low (one could invent scenarios where a non-killable user process might be problematic, but I consider them very minor until proven otherwise). Since it is fixed in upstream, let's close this.
CVE-2005-3107: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)