Main Menu

Login



Support Virus.Org

Help support Virus.Org by donating.
Donating allows us to keep this site free and pay the running costs of all our services.
Six Linux Kernel Vulnerabilities Announced PDF Print E-mail
Written by Editor   
Saturday, 08 January 2005 13:52
Late yesterday is was announced to the Full Disclosure mailing list that 6 vulnerabilities in the Linux kernel have been discovered both in the older 2.4 kernel branch and the new 2.6 kernel branch. The vulnerabilities range from Local privilege escalation to Denial of Service attacks against vulnerable releases of the kernel. The first of the vulnerabilities posted affects both the 2.4 and the 2.6 kernel series an could allow a lower privilege user to escalate their access to that of root by way of a vulnerability within the uselib() functions provided by the kernel. The issue is present in releases of the 2.4 kernel up to 2.4.29–rc2 and in the 2.6 kernel up to 2.6.10. You can see more information about the vulnerability in the Full Disclosure posting by Paul Starzetz here it also includes PoC exploit code.

The next batch all come from Brad Spengler who is part of the grsecurity project. The first is an integer overflow in the random poolsize sysctl handler, and affects both the 2.4 and 2.6 series of Linux kernels. The next is only in the 2.6 kernel series and is an integer overflow and information leakage vulnerability in the scsi ioctl code of the kernel. Next we have a vulnerability that affects the 2.2, 2.4 and the 2.6 series kernels, which is a moxa serial driver bss overflow. The next one is in both the 2.4 and 2.6 series kernels and is an RLIMIT_MEMLOCK bypass vulnerability as a side issue this last issue is a Denial of Service vulnerability in the 2.6 series of kernels. You can find out more information about this vulnerability from th original Full Disclosure posting by Brad Spengler here, the advisory also posts a link to exploit code and patches to correct these issues.

As yet there are no main stream patches for the kernel from the Linux kernel developers, however as usual our readers are advised to keep a lookout for them and implement as soon as possible once patches are released.

Add this page to your favorite Social Bookmarking websites
Digg! Reddit! Del.icio.us! Google! Live! Facebook! Technorati! StumbleUpon! Yahoo!
Last Updated ( Thursday, 14 September 2006 23:11 )