The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
The Red Hat Security Response Team has rated this issue as having moderate security impact. We currently have no plans to fix this flaw in Red Hat Enterprise Linux 3, 4, and 5 as it is not possible to trigger the information leak if the suid_dumpable tunable is set to zero (which is the default). It was addressed in Red Hat Enterprise MRG via: https://rhn.redhat.com/errata/RHSA-2009-1540.html