Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Linux Kernel Vulnerability

Posted by CmdrTaco on from the well-thats-just-not-pleasant dept.

Stop Or I'll Noop writes "Paul Starzetz writes, "A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2003 except concerning the same internal kernel function code." Full scoop here." Update: 03/07 20:53 GMT by T : This vulnerability (and fixes) were mentioned briefly in an update to this earlier posting.

3 of 486 comments (clear)

  1. Re:if you patched two weeks ago, you can ignore th by cperciva · · Score: 0, Troll

    So where _is_ that patch to fix these mremap bugs?

    The patch is here.

    --
    Tarsnap: Online backups for the truly paranoid
  2. OpenBSD still looks good by Bloodax · · Score: 0, Troll

    This latest Linux root exploit bolsters my confidence even more in OBSD. I know they recently had a remote crash exploit, but the claim of no remote root exploit since '97? is a very good track record indeed.

    OBSD takes the time to validate their code. While OBSD or any OS will never be perfect, the OBSD method of engineering is still tops in my book.

  3. Re:Many eyes, but wide open or tight shut ? by PishiGorbeh · · Score: 0, Troll

    I've cracked my own box with it many times...