• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux Kernel 2.4.18 iBCS IPC signal handling Vulnerability

Linux kernels prior to and including 2.4.18, for intel x86 architecture, can be made to disregard user privileges when handling IPC signals. This relates to intel binary compatibility standard (iBCS) routines in arch/i386/kernel/traps.c. Successfully exploiting this vulnerability allows an attacker to send signals such as SIGKILL to arbitrary processes, including system processes.