Ptrace vulnerability in kernels <2.4.21-pre6

Archaic archaic at
Tue Apr 22 18:29:57 PDT 2003

This is old news to some, but anyway....

<quoting Alan Cox>

The Linux 2.2 and Linux 2.4 kernels have a flaw in ptrace. This hole
allows local users to obtain full privileges. Remote exploitation of
this hole is not possible. Linux 2.5 is not believed to be vulnerable.


You can download 2.4.21-pre6 or later, or 2.5.x or patch earlier
kernels. The patch for the 2.4.20 kernel is here:

The thread starts here:

NOTE: This patch is known to break some code out there. For details,
read the thread.


Non-cooperation with evil is as much a duty as cooperation with good.

- Mohandas Gandhi

Unsubscribe: send email to listar at
and put 'unsubscribe lfs-security' in the subject header of the message

More information about the lfs-security mailing list