Slashdot Mirror


New Linux Kernel Vulnerability

Stop Or I'll Noop writes "Paul Starzetz writes, "A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2003 except concerning the same internal kernel function code." Full scoop here." Update: 03/07 20:53 GMT by T : This vulnerability (and fixes) were mentioned briefly in an update to this earlier posting.

9 of 486 comments (clear)

  1. Can someone quickly fix this ? by Anonymous Coward · · Score: 5, Funny

    So we can get back to bitching about Window's security flaws :D

  2. "Windows users: want Security, install linux"??? by Padrino121 · · Score: 5, Funny

    Slowly but surely as Linux is getting more mainstream it seems the same kind of holes that perpetually plague Windows exist in Linux as well.

    It might be time to take a page from the MS book and take a few weeks for a full line by line audit.

  3. Somewhere . . . by Prince+Vegeta+SSJ4 · · Score: 5, Funny
    A Giddy Billionaire is scheming:

    Kernel 2.6.4-rc2-bk3: Never, I'll Never turn to the Dark side, I'm open source...like my father before me.

    Bill: So be it, open source

    Bill: if you will not be turned, you will be destroyed (shooting purple lightning bolts)

    Bill: You will pay the price for your lack of vision

    Kernel 2.6.4-rc2-bk3: Linus please (in agony).

    .....to be continued

    I await my -5 (Troll)

  4. Re:Damn by Anonymous Coward · · Score: 5, Funny

    Don't bother. There's no published exploit. Have a beer. Watch the game. Don't worry. Relax. What's your IP?

  5. Re:Laymens terms? by WWWWolf · · Score: 5, Funny

    Sure. A program can ask the operating system kernel to Do Things. Now, someone has found out that when you ask the kernel to Do Things certain way, the kernel subsequently thinks you are the Boss.

    Like, you have this stack of forms you want the computer signed. You hand them over to the computer. One of the papers is "Do whatever I say" form that would give you the Power. The computer won't read it and just signs it along with the others, then hands you the forms back.

    How's that for an explanation?

  6. Re:Install windows! more like by frause · · Score: 5, Funny

    Get a windows CD
    Boot
    Reboot
    Install
    Reboot
    Install some more
    Reboot
    Continue installation
    Reboot
    Register windows installation
    Change a setting
    Reboot

    bah

  7. Re:Important to Remember by Anonymous Coward · · Score: 5, Funny

    TO DO:

    Log onto slashdot.
    Bash Microsoft.
    Bash the bashers of Microsoft.
    Bash the bashers of the bashers of Microsoft.
    ... ad infinitum

  8. Re:Important to Remember by FattMattP · · Score: 5, Funny
    When a Windows vulnerability is patched, it is proof that closed source software is evil.
    You misspelled if.
    --
    Prevent email address forgery. Publish SPF records for y
  9. Re:eyes wide stupid? by Anonymous Coward · · Score: 5, Funny

    simply disable all local user accounts.

    I really dont understand what all the fuss is about.