Note: This is an archival copy of Security Sun Alert 200140 as previously published on
Latest version of this security advisory is available from as Sun Alert 1000102.1.
Article ID : 1000102.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-12-07
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

On Sun Linux and Cobalt Legacy Products, an Unauthorized Local User May be Able to Gain Root Access Rights Due to an Issue With The ptrace() Function


Release Phase

Date of Workaround Release

Date of Resolved Release

Due to an issue with the ptrace() function ...

1. Impact

Due to an issue with the ptrace() function an unauthorized local user may be able to gain root access rights on Linux systems, including Sun Linux and Sun Cobalt platforms.

The ptrace() function is a system call used by a parent process to monitor and control the execution of another process. It is also useful in breakpoint debugging and system call tracing.

2. Contributing Factors

This issue can occur in the following releases:

Sun Linux Platform

  • Sun Linux 5.0 (LX50) with kernel-enterprise-2.4.9-31.i386.rpm

Note: Sun Linux 5.0 is currently shipped with the Sun LX50 Server.

Sun Cobalt Platform

  • RaQ XTR with kernel-2.2.16C29_V-1.i386.rpm
  • Qube3 with kernel-2.2.16C7-1.i386.rpm
  • RaQ4 with kernel-2.2.14C11-1.i386.rpm
  • RaQ550 with kernel-2.4.16C12_V-1.i386.rpm

3. Symptoms

There are no symptoms that would show the described issue has been exploited to gain unauthorized root access to a system.

4. Workaround

There is no workaround. Please see the "Resolution" section below.

5. Resolution

This issue is addressed in the following releases:

Sun Linux Platform

  • Sun Linux 5.0 (LX50) with Sun Linux 5.0.5 (Update 1)

Sun Cobalt Platform

Instructions for downloading the above packages can be found in in MyOracleSupport .

Modification History

Date: 21-JUL-2003
  • Updated "Resolution" section for Sun Linux 5.0 (LX50), RaQ XTR, Qube3, RaQ4, and RaQ550.

Date: 29-OCT-2003
  • State: Resolved
  • Updated Contributing Factors and Resolution sections

Sun Linux 5.0

This solution has no attachment