Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Linux Kernel Vulnerability

Posted by CmdrTaco on Sunday March 7, 2004 @04:22AM from the well-thats-just-not-pleasant dept.

Stop Or I'll Noop writes "Paul Starzetz writes, "A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2003 except concerning the same internal kernel function code." Full scoop here." Update: 03/07 20:53 GMT by T : This vulnerability (and fixes) were mentioned briefly in an update to this earlier posting.

1 of 486 comments (clear)

Min score:

Reason:

Sort:

Here we go again by lordsilence · 2004-03-07 04:30 · Score: 0, Redundant

Do I laugh or do I cry? ...
just when I had finished compiling 2.4.25 on my systems..
Did I read the security bullentin correctly, but would grsec and Limited per user virtual memory still not render this exploit harmless?