kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states there is no kernel bug here.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 4.4.1 |