The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
Software | From | Fixed in |
---|---|---|
ubuntu / ubuntu_linux | 4.1 | 4.1.x |
conectiva / linux | 10.0 | 10.0.x |
gnu / realtime_linux_security_module | 0.8.7 | 0.8.7.x |