Security advisory for execve/ptrace

April 10, 2001

Author: JT Smith

From LWN.net
: Linux kernels before 2.2.19 are vulnerable to a local root exploit.

This vulnerability exploits a race condition in the 2.2.x Linux kernel
within the execve() system call.

By predicting the child-process sleep() within execve(), an attacker
can use ptrace() or similar mechanisms to subvert control of the child
process. If the child process is setuid, the attacker can cause the
child process to execute arbitrary code at an elevated privilege.

Category:

Linux

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR