** Description changed: - kernel: fcaps: clear the same personality flags as suid when fcaps are - used + The cap_bprm_set_creds function in security/commoncap.c in the Linux + kernel before 3.3.3 does not properly handle the use of file system + capabilities (aka fcaps) for implementing a privileged executable file, + which allows local users to bypass intended personality restrictions via + a crafted application, as demonstrated by an attack that uses a parent + process to disable ASLR. Break-Fix: - d52fc5dde171f030170a6cb78034d166b13c9445
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/987571 Title: CVE-2012-2123 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/987571/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
