Public bug reported: [Impact] PTRACE_O_SUSPEND_SECCOMP allows CRIU to disable seccomp on a process. However, setting this option requires privilege when used with PTRACE_SETOPTIONS. However, when used with PTRACE_SEIZE, no privilege is required. This allows sandboxed processes to exit the sandbox if they are allowed to use ptrace.
[Test case] Run the reproducer from https://bugs.chromium.org/p/project-zero/issues/detail?id=2276. [Potential regression] This may break ptrace users, specially ones using PTRACE_SEIZE or PTRACE_SETOPTIONS. Special attention to processes being sandboxed with seccomp. ** Affects: linux (Ubuntu) Importance: High Status: Fix Committed ** Affects: linux (Ubuntu Xenial) Importance: High Assignee: Thadeu Lima de Souza Cascardo (cascardo) Status: Triaged ** Affects: linux (Ubuntu Bionic) Importance: High Assignee: Thadeu Lima de Souza Cascardo (cascardo) Status: In Progress ** Affects: linux (Ubuntu Focal) Importance: High Status: Fix Committed ** Affects: linux (Ubuntu Impish) Importance: High Assignee: Thadeu Lima de Souza Cascardo (cascardo) Status: In Progress ** Affects: linux (Ubuntu Jammy) Importance: High Status: Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972740 Title: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1972740/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
