linprocfs privileged process memory leak
linprocfs-process-memory-leak (7017)
Description:
The linprocfs file system in FreeBSD could allow an attacker to obtain sensitive system information from privileged processes. Once an unprivileged process has debugging rights to a privileged process, the unprivileged process is able to retain read access to the target process' memory space. This allows the attacker to obtain sensitive system information, which could be used to perform further attacks.
Platforms Affected:
- FreeBSD, FreeBSD 4.0
- FreeBSD, FreeBSD 4.1
- FreeBSD, FreeBSD 4.2
- FreeBSD, FreeBSD 4.3
Remedy:
For FreeBSD 4.3 and earlier:
Upgrade to the latest version of FreeBSD (4.3-STABLE dated 2001-08-12 or later), as listed in FreeBSD Security Advisory FreeBSD-SA-01:55. See References.
— OR —
Apply the 01.55 procfs patch, as listed in FreeBSD Security Advisory FreeBSD-SA-01:55. See References.
Consequences:
Obtain Information
References:
- FreeBSD Security Advisory FreeBSD-SA-01:55, procfs vulnerability leaks set[ug]id process memory at http://archives.neohapsis.com/archives/freebsd/2001-08/0441.html.
- BID-3217: FreeBSD linprocfs Privileged Process Memory Disclosure Vulnerability
- CVE-2001-1166: linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process.
- OSVDB ID: 1938: FreeBSD linprocfs Privileged Process Memory Disclosure
Reported:
Aug 21, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
