Vigil@nce: Linux kernel, register reading on s390 via task_show_regs
February 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
On a s390 processor, a local attacker can read the status file, in
order to obtain values of registers of a process.
– Severity: 1/4
– Creation date: 16/02/2011
IMPACTED PRODUCTS
– Linux kernel
DESCRIPTION OF THE VULNERABILITY
The /proc/thePid/status file contains information on a process,
and is readable by all users.
However, to help debugging, the task_show_regs() function adds the
content of s390 registers into this file. This function was never
deleted.
On a s390 processor, a local attacker can therefore read the
status file, in order to obtain values of registers of a process.
This information can help him to exploit another attack.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-register-reading-on-s390-via-task-show-regs-10371