** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-30594
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1972740 Title: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option Status in linux package in Ubuntu: Fix Committed Status in linux source package in Xenial: Triaged Status in linux source package in Bionic: Fix Committed Status in linux source package in Focal: Fix Committed Status in linux source package in Impish: Fix Committed Status in linux source package in Jammy: Fix Committed Bug description: [Impact] PTRACE_O_SUSPEND_SECCOMP allows CRIU to disable seccomp on a process. However, setting this option requires privilege when used with PTRACE_SETOPTIONS. However, when used with PTRACE_SEIZE, no privilege is required. This allows sandboxed processes to exit the sandbox if they are allowed to use ptrace. [Test case] Run the reproducer from https://bugs.chromium.org/p/project-zero/issues/detail?id=2276. [Potential regression] This may break ptrace users, specially ones using PTRACE_SEIZE or PTRACE_SETOPTIONS. Special attention to processes being sandboxed with seccomp. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1972740/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp