GLSA-200402-06 : Updated kernel packages fix the AMD64 ptrace vulnerability
Medium Nessus Plugin ID 14450
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200402-06 (Updated kernel packages fix the AMD64 ptrace vulnerability)
A vulnerability has been discovered by Andi Kleen in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated privileges. The Common Vulnerabilities and Exposures project, http://cve.mitre.org, has assigned CAN-2004-0001 to this issue.
Only users of the AMD64 platform are affected: in this scenario, a user may be able to obtain elevated privileges, including root access. However, no public exploit is known for the vulnerability at this time.
There is no temporary workaround - a kernel upgrade is required. A list of unaffected kernels is provided along with this announcement.
SolutionUsers are encouraged to upgrade to the latest available sources for their system:
# emerge sync # emerge -pv your-favourite-sources # emerge your-favourite-sources # # Follow usual procedure for compiling and installing a kernel.
# # If you use genkernel, run genkernel as you would do normally.
# # IF YOUR KERNEL IS MARKED as 'remerge required!' THEN # # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE # # REPORTS THAT THE SAME VERSION IS INSTALLED.