Slashdot Mirror


New Linux Kernel Vulnerability

Stop Or I'll Noop writes "Paul Starzetz writes, "A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2003 except concerning the same internal kernel function code." Full scoop here." Update: 03/07 20:53 GMT by T : This vulnerability (and fixes) were mentioned briefly in an update to this earlier posting.

5 of 486 comments

  1. Re:2.6.3? by say · Score: 4, Interesting

    Oops. That HTML posting problem. This was what I was trying to say:

    Apparently, only <= 2.6.2 is affected. How could this be fixed in 2.6.3 without anyone noticing that it might be a problem in earlier kernels?

    --
    Roses are #FF0000, violets are #0000FF, all my base are belong to you
  2. More critical vulnerability in FreeBSD by chrysalis · Score: 4, Interesting

    Another kernel vulnerability was recently found in all FreeBSD (4.X and 5.x) versions.

    The TCP/IP stack can be stopped by sending unordered TCP fragments.

    This is a serious remote vulnerability, and any FreeBSD with an open TCP port should be patched ASAP.

    Here's a link to the official advisory:

    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:04.tcp.asc

    Regardless of the operating system you are running, always keep everything up to date.

  3. Proof-of-Concept Code by 0xB00F · Score: 5, Interesting

    I tried the "Proof-of-Concept" code. Nice thing about it is that it tells you two things. 1) If your kernel is vulnerable 2) If your vulnerability is exploitable.

    I have one kernel that is vulnerable but not exploitable according to the Proof-of-Concept code. Saves me some time to not patch, recompile and reboot a new kernel.

    I wish future vulnerability announcements would be like this one, e.g. contain Proof-of-Concept exploit code that can tell me whether or not the kernel/software I am running is vulnerable and/or exploitable.

  4. Public knowledge for over two weeks by bigberk · Score: 4, Interesting

    The advisory was released Feb. 18, so this has all been public knowledge for over two weeks. This USENET post shows the vulnerability and upcoming exploit were known about, and Slashdot is just plain late on this one.

    You have had two weeks to patch your systems. I know Slackware's advisory was sent right after the vulnerability became public knowledge.

  5. Way Too Idealistic by EventHorizon · Score: 4, Interesting

    That's a very naive, idealistic argument. American business often maximizes shareholder value by being as dishonest as possible, short of clearly breaking commonly enforced laws. Under your argument, Darl McBride is a "good guy" because he's a) rich from the SCOX pump-n-dump and b) not in jail (yet).

    Anyway, go read "The Art Of War" or watch "The Godfather". It is a serious error to assume your enemy is weak, and I would recommend against that philosophy when securing critical assets.