Slashdot Mirror


New Linux Kernel Crash-Exploit discovered

Ant writes "According to a linuxreviews article of 6/11/2004, there is a nasty bug that lets a simple C program crash the kernel (2.4.18-2.6.x reported so far), effectively locking the whole system. It affects both 2.4.2x and 2.6.x kernels on the x86 architecture. This exploit can be compiled and run without root access and with shell access. There is detailed information and source code mentioned." You need to have shell access to run this program; it's also worth noting that not *all* flavors are vulnerable. Please read the article for the full details.

20 of 691 comments

  1. There's a big difference... by Allen Zadr · · Score: 5, Insightful
    Here is a perfect example of the difference between the Open Source way and a proprietary way.

    There are goods and bads, however, the information is readily available. There are patches that "work", even before a full explanation is available. Now, thousands of people are actively working on a solution, if they so choose. If they don't choose, they can use the proprietary code method - wait for the official vendors to release a patch.

    In proprietary land, a vendor would first sue the person who released the information. Then, the re-iteration that you won't be vulnerable if you use a "properly configured firewall," then they'd start working on a fix.

    --
    Kinetic stupidity has a new brand leader: Allen Zadr.
    1. Re:There's a big difference... by Donny+Smith · · Score: 5, Insightful

      >Windows users don't tend to care.

      Or "Windows users tend not to care?"

      Incidentally currently I'm a (primarily) Windows user and I do patch (actually it's "install updates") when Windows tells me they're ready (if I estimate I need the particular update).

      Claiming that Windows users "don't care" just because they're Windows users is incorrect, to say the least.
      How can people mod that as insightful? Generalization like that should be discouraged as it is not constructive, but some actually reward it... Quite puzzling to me..

    2. Re:There's a big difference... by Rectum2003 · · Score: 5, Insightful

      What he is saying is that most Windows users are the masses that don't actually care. Other OSes don't have this problem due to the fact that they are mostly used by geeks that understand why it is so important to update your OS (any OS for that matter). Not to say that there are not millions of conscientious users (like you) who actually have a clue and know how to secure and patch a Windows machine, of course.

    3. Re:There's a big difference... by Verteiron · · Score: 4, Insightful

      Real simple answer to that; you are not a typical Windows user.

      The vast majority of Windows users behave exactly as the grandparent post states. I know this because I deal with the results every day in my shop. I'd guess that 80% of the machines I see are in due to spyware and virus problems that could have been fixed with a patch available weeks earlier. More often than not, when I get these systems up and running, the first thing that happens is "*pop* Windows has downloaded updates and is now ready to install them." So the updates were already downloaded, waiting for the user to click "Install"... but the user never did, for reasons already mentioned.

      Automatic patching on XP Home would be doing end-users (and the internet!) a huge favor.

      --
      End of lesson. You may press the button.
    4. Re:There's a big difference... by garcia · · Score: 3, Insightful

      >Claiming that Windows users "don't care" just because they're Windows users is incorrect, to say the least. How can people mod that as insightful? Generalization like that should be discouraged as it is not constructive, but some actually reward it... Quite puzzling to me..

      This is puzzling to you? Hmm, I am more puzzled by the fact that entire COMPANIES went down when some of the worms started spreading because of unpatched systems that should have been patched MONTHS (almost a year IIRC) before.

      Now, if you are at a COMPANY and your system goes unpatched it's because the IT department there either doesn't believe the possible threat or does NOT care.

      You obviously read Slashdot, therefore you are not a typical Windows user. You know about vulnerabilities and even if Windows didn't tell you about them you'd still have an idea of what to watch out for (and possibly fix). My generalization is 100% dead on accurate. Most Windows users do not care, are afraid to patch, or just don't know.

    5. Re:There's a big difference... by gfxguy · · Score: 4, Insightful

      You get that impression but there are a lot of slashdot users, even ones that use Linux (like me) who will defend MS when appropriate.

      That said, it does seem to be true that a Linux patch will appear a lot more quickly than an MS patch, and that seems to be a result of the fact that it's open source.

      --
      Stupid sexy Flanders.
    6. Re:There's a big difference... by Anonymous Coward · · Score: 5, Insightful

      >Now, if you are at a COMPANY and your system goes unpatched it's because the IT department there either doesn't believe the possible threat or does NOT care.

      Don't play that game... 3 months before the big nasty worm that hit I was threatened with being fired because I patched all my systems with the RPC hole patch... Not by my supervisor but by a bunch of jerks in corporate IT... after it hit and we were immune to the problems, did I hear an "I'm sorry?" or anything else? nope.. my boss bought me lunch that entire week and wrote a shining/gleaming letter to be put in my employment file... but corporate asshats refused to acknowledge that a nobody from the midwest division knew more than them.

      Most of the problems in companies that got nailed with the RPC hole worms were ignorance and apathy.. they do things "their way" and ignore anyone below them on the totem pole.. until the fire starts raging...

      My boss and many of us are starting to change corporate IT by throwing them under the bus at every chance.... It's the only solution we can see to fix the problem.

    7. Re:There's a big difference... by RickHunter · · Score: 3, Insightful

      Yup, and you know why? Because Microsoft tends to introduce arbitrary EULA or functionality changes in their patches. So with an autopatching system, you'd be agreeing to these changes implicitly. Whoops.

    8. Re:There's a big difference... by nachoboy · · Score: 3, Insightful

      Windows users don't tend to care. They don't read Windows news sites daily, they don't subscribe to mailing lists that send out warnings as soon as a vulnerability is found. They don't patch when Windows tells them to.

      You know why? They don't care, they don't want to "break" anything, or they don't even know that the little icon in their taskbar is any different from their 1000 other ones in the tray.

      The observation you make is correct. The group you apply it to is incorrectly targeted. Do you suppose that if all of a sudden the vast majority of these Windows users migrated to a more favored OS, they would magically read relevant OS news sites daily, subscribe to kernel mailing lists, and patch when their OS told them to? Of course not. Users are users. They're not interested in OS news or maintenance any more than they absolutely have to be (which, given the nature of modern technology, is practically nil). The fact that most computer users run Windows is largely an artifact of business dealings, not some conscious decision on the part of the users.

      No, the way to solve such problems for the computer users of the world is by providing better defaults, i.e., automatic patching turned on out of the box. If you're part of the tinfoil hat crowd, go ahead and turn off automatic patching. If you like to patch manually and can be trusted to do it, go ahead and turn it off. But if you're part of the unwashed masses, your computer just takes care of itself.

    9. Re:There's a big difference... by maximilln · · Score: 5, Insightful

      2) He thinks that security is a yes/no option. Security is nothing like that. If someone were to be honest with him, and tell him that nothing is truly secure and it's all trade-offs, and then explain the trade-offs of their particular product, I'm sure he would have thought they were weaseling, when in fact they were telling the truth.

      AMEN!

      It's a problem that I run into quite often and not just with security. When you come to understand a topic intimately enough you learn that there is very little in the world that's a yes/no option. Everything requires a level of expertise and must be tailored to the specific task at hand. The issue is that the people requesting the services don't know, don't have time to learn, and don't want to learn. They want the yes/no answer to keep their life easy. If you're the person attempting to sell your services in order to keep food on the plate, however, you're faced with a dilemma: Say "yes" and possibly get mired in a situation which is impossible (secure a network full of users who are actively trying to break the network), or say "no" and don't get the job.

      --
      +++ATHZ 99:5:80
  2. Re:OS bugs are like golf... by RAMMS+EIN · · Score: 4, Insightful

    Well, those who have been paying attention know that Linux has had quite a few (read: way too many) critical bugs in the past year. Most of them were related to do_mremap (how many times do they have to "fix" that until it's fixed?!), varying in severity from DoS to local root exploits. How many has the Windows kernel had in the last 12 months? I am afraid that this comparison might fall out to the advantage of Windows. Until you take into account time to fix, maybe. Off to patch my systems...

    --
    Please correct me if I got my facts wrong.
  3. Re:Who has shell access? by Welsh+Dwarf · · Score: 4, Insightful

    Sourceforge?

    --
    Ask 8 slackers a question, get 10 answers (a citation, but I can't remember from who)
  4. Re:Fixed quickly. by bdash · · Score: 3, Insightful

    And fixes will be deployed within hours.
    The same cannot be said of many proprietary OSes...

    The fact that a patch is available doesn't mean that it is a non-issue. In many cases system administrators are too busy, lazy or do not wish to interrupt services, to update their systems to fix these software vulnerabilities. The proprietary vs. non-proprietary argument is irrelevant if administrators fail to keep up-to-date with security fixes. A good example of this was the SQL Slammer worm that made its rounds several months after a patch that fixed its attack vector was released.

    Simply put, the bigger problem is with the wet-ware than the development methodology.

  5. I know plenty who do... by Allen Zadr · · Score: 4, Insightful
    I know plenty of users who do care...

    In the real world, where I work, I run a Hybrid network where I'm still waiting for Windows XP Service Pack 2 to come out in a finalized form because I don't have an option to pull just the parts that I need, and SP2 RC2 is not quite ready to unleash on my network (although I have actively TESTED it). Of course, this just fixes some vulnerabilities that have existed for over a year.

    Don't tell me that I, as a Windows User and Administrator, don't care. While I've ignored this kernel issue over the weekend, I get to actively compile some kernel patches and test those. I'll bet, even before my testing, that I'll be able to have a production solution by tomorrow. Even if SP2 releases this afternoon, I'll still have to test it before deployment, so the Linux solution will be in production first.

    --
    Kinetic stupidity has a new brand leader: Allen Zadr.
  6. Know what else by Anonymous Coward · · Score: 4, Insightful

    As for this bug, don't start bashing Linux left and right. Linux isn't perfect, no software is. But unlike when there is a bug in windows a fix is on the way as fast as possible. In fact, there is a patch on the site right now! And for you zealots who say stuff like "No big deal, who is going to do that? No the kind of person you give shell access to." shut up. Admit that Linux is not the perfection in computing.

    You know what else makes the kernel crash? At least if you are using 2.6.5 or higher if you enable APIC/APIC-IO and you have an nforce chipset the system will lock up as soon as you do too much I/O.

  7. Re:The best way to avoid this bug by TheRaven64 · · Score: 4, Insightful
    The question is not when it will be modded down, but who will do the modding. Will it be:
    1. Linux zealots moderating it down because it suggests that you buy a Mac, or
    2. Mac zealots moderating it down because it suggests you don't use OS X?
    Gentlemen, place your bets now.
    --
    I am TheRaven on Soylent News
  8. Re:This is another reason why C should be deprecat by Tenareth · · Score: 3, Insightful

    I guess everybody missed the sarcasm.

    --
    This sig is the express property of someone.
  9. Re:A good time to disable compiler access by PoochieReds · · Score: 5, Insightful

    This does no good if someone builds the program on another machine and then copies it to your host. Limiting compiler access really doesn't help secure anything unless you also prevent anyone from transferring any files to the machine (which is quite impractical).

  10. Re:A good time to disable compiler access by Sloppy · · Score: 5, Insightful
    Having a local compiler available makes things easier, but it doesn't give a user any fundamental powers that they wouldn't already have. They can get executable code into the system in other ways, even if they don't have a local compiler. Transfer it from another computer, or even manually enter it. Are you also going to disable cat and chmod?

    I don't think this idea is useful.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  11. Re:This is the best they can come up with? by BenjyD · · Score: 5, Insightful

    This is a reasonably serious bug. A well-configured *nix box should not be crashable by anything a normal user can do. The amount of memory a user can allocate, the number of processes they can launch, the size and number of files they can create should all be limited through user limits. There is no way (AFAICS) to prevent this bug being exploited through those kinds of limits. If there are lots of people logged in, figuring out who crashed the box would be quite hard - just have the crashing program delete itself before it crashes the box.

    Hitting ctrl-alt-delete or the power requires physical access, which shell users almost never have (I don't even know where most of the computers I use every day are - they could be in Timbuktu for all I care).