High Risk Vulnerability Linux Kernel Patched

Written by Editor

Tuesday, 25 September 2007 15:52

A critical local Linux kernel vulnerability was patched last week in the kernel 2.6.22.7 and 2.4.35.3 releases. An official advisory was released by COSEINC describing the issue. However, just days after this update the kernel had yet another update to address an issue that will be referenced by CVE-2007-4571.
The first flaw, discovered by COSEINC, occurs in the IA32 emulation code used by computers running on the x86_64 architecture. The flaw occurs because the kernel fails to ensure that the upper 32 bits of a 64-bit register are cleared of user-supplied data. The register in question is used as an index into the kernel's system-call table, which contains function pointers to all user-accessible kernel services. By manipulating the contents of the register, an attacker may be able to index a userspace function outside of the system-call table and execute it in the context of the affected kernel.
The vulnerability is especially critical because it is extremely easy to exploit; similar vulnerabilities have been readily exploited in the past, such as the out-of-bounds function table index flaw that was discovered within the Bluetooth stack during 2005. More details of the issue can be found here and in CVE-2007-4573.
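
The check-versus-lookup mismatch behind the first flaw, as an added user-space model that is not kernel code or code from the advisory. The table size, handler functions and the names `dispatch_flawed` and `dispatch_fixed` are hypothetical, and the model assumes the bounds check looks only at the low 32 bits of the register while the lookup uses all 64.

```c
#include <stdint.h>
#include <stdio.h>

#define NR_SYSCALLS      4    /* constructed table size, not the kernel's */
#define DISPATCH_ENOSYS (-1)  /* rejected by the bounds check */
#define DISPATCH_OOB    (-2)  /* check passed, index outside the table */

typedef long (*sys_fn)(void);
static long sys0(void) { return 100; }
static long sys1(void) { return 101; }
static long sys2(void) { return 102; }
static long sys3(void) { return 103; }
static const sys_fn sys_table[NR_SYSCALLS] = { sys0, sys1, sys2, sys3 };

/* Flawed pattern: the check sees only the low 32 bits of the register,
 * but the table lookup uses all 64 bits. */
long dispatch_flawed(uint64_t rax)
{
    uint32_t eax = (uint32_t)rax;
    if (eax >= NR_SYSCALLS)
        return DISPATCH_ENOSYS;
    /* The model reports the out-of-range index instead of dereferencing it. */
    if (rax >= NR_SYSCALLS)
        return DISPATCH_OOB;
    return sys_table[rax]();
}

/* Corrected pattern: clear the upper 32 bits before check and lookup. */
long dispatch_fixed(uint64_t rax)
{
    rax = (uint32_t)rax;   /* zero-extend the 32-bit syscall number */
    if (rax >= NR_SYSCALLS)
        return DISPATCH_ENOSYS;
    return sys_table[rax]();
}

int main(void)
{
    uint64_t dirty = 0x0000000100000002ULL;  /* constructed: low half 2, upper half set */
    printf("flawed(2)=%ld flawed(dirty)=%ld fixed(dirty)=%ld\n",
           dispatch_flawed(2), dispatch_flawed(dirty), dispatch_fixed(dirty));
    return 0;
}
```
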
There is very little information about the issue patched in the 2.6.22.8 release of the kernel, and as yet the assigned CVE is a placeholder; however, the change notes appear to indicate that the issue addressed is within the snd-page-alloc module.

Last Updated ( Tuesday, 25 September 2007 15:58 )