Slashdot Mirror


Linux Kernel Back-Door Hack Attempt Discovered

An anonymous reader writes "The BitKeeper to CVS gateway was apparently hacked in an attempt to add a root exploit back door to the Linux kernel, according to the linux-kernel archive. The change was in the file kernel/exit.c and changed the user ID of a process to root under the guise of checking the validity of some flags. The core Linux BitKeeper kernel repository was not at risk, and in fact it was the BitKeeper CVS export scripts that detected the unauthorized modifications to CVS. The changes were falsely attributed in CVS to long-time Linux developer davem (David Miller). Users of the BKCVS repository should resync their trees to remove the offending code if they had replicated it since yesterday."

4 of 687 comments

  1. Good grief by ChaoticCoyote · · Score: 0, Redundant

    Kudos to Larry McVoy, owner of BitKeeper, who caught this little piece of interesting skullduggery.

  2. Re:Well well by GroovBird · · Score: 0, Redundant

    All the vulnerabilities you mentioned are listed as "patched", one isn't even from Microsoft itself and the first link points to a good portion of FUD that has already been demystified years ago. So what's your point?

  3. The offending code by whereiswaldo · · Score: 0, Redundant


    Can someone post the source diff that the hacker tried to get into the tree?

    1. Re:The offending code by MrPink2U · · Score: 0, Redundant

      Click on the link in the Slashdot blurb. Even though I'm no hardcore coder, it is pretty easy to see the exploit they tried when reading through the LKML thread.

      I always did hate the == comparison operator in C!
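
Added illustration, not code from the LKML thread or from any commenter: a user-space C model of the pattern the story and the last comment describe, an assignment sitting where a comparison is expected inside what looks like a flag validity check, next to a form that makes the mistake a compile error. The struct, flag names and error value are constructed for this example and are not kernel identifiers.

```c
#include <stdio.h>

/* Constructed model: hypothetical names, not taken from kernel/exit.c. */
#define OPT_A       0x1u
#define OPT_B       0x2u
#define ERR_INVALID (-22)

struct task { unsigned int uid; };   /* uid 0 models root */

/* Reads like "reject this flag combination for root", but the second
 * operand is an assignment. When both flags are set, uid becomes 0.
 * The assignment evaluates to 0 (false), so the error branch never
 * runs and the call returns success. The extra parentheses also keep
 * compilers from warning about an assignment used as a truth value. */
int check_options_backdoored(struct task *t, unsigned int options)
{
    int retval = 0;
    if ((options == (OPT_A | OPT_B)) && (t->uid = 0))
        retval = ERR_INVALID;
    return retval;
}

/* Reviewed form: a pure comparison. Taking the task as a pointer to
 * const means a stray "=" here would fail to compile instead of
 * silently changing the credential. */
int check_options_fixed(const struct task *t, unsigned int options)
{
    int retval = 0;
    if ((options == (OPT_A | OPT_B)) && (t->uid == 0))
        retval = ERR_INVALID;
    return retval;
}

int main(void)
{
    struct task a = { 1000 }, b = { 1000 };
    int ra = check_options_backdoored(&a, OPT_A | OPT_B);
    int rb = check_options_fixed(&b, OPT_A | OPT_B);
    printf("backdoored: ret=%d uid=%u\n", ra, a.uid);
    printf("fixed:      ret=%d uid=%u\n", rb, b.uid);
    return 0;
}
```

In review, a condition with a side effect on a credential field is the thing to look for; a check function that only needs to read state should take it through a const pointer.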