The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Realtime_linux_security_module | Gnu | 0.8.7 (including) | 0.8.7 (including) |
Linux | Conectiva | 10.0 (including) | 10.0 (including) |
Linux-source-2.6.15 | Ubuntu | dapper | * |
Linux-source-2.6.17 | Ubuntu | edgy | * |