kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here.
References
Configurations
History
07 Nov 2023, 02:28
Type | Values Removed | Values Added |
---|---|---|
Summary | kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here. |
Information
Published : 2016-02-08 03:59
Updated : 2024-08-06 09:15
NVD link : CVE-2015-8709
Mitre link : CVE-2015-8709
CVE.ORG link : CVE-2015-8709
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-264
Permissions, Privileges, and Access Controls