Slashdot Mirror


Weakness In Linux Kernel's Binary Format

Goodfellas writes, "This document aims to demonstrate a design weakness found in the handling of simply linked lists used to register binary formats handled by the Linux kernel. It affects all the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel space that can be used by malicious users to create infection tools, for example rootkits. Proof of concept, details, and proposed solution (in PDF form): English, Spanish.

6 of 281 comments (clear)

  1. 1 meg PDF? by Lehk228 · · Score: 4, Funny

    yes, a pdf linked from slashdot will last a long time...

    oh wait it's already gone

    --
    Snowden and Manning are heroes.
  2. Too bad you have to be root. by czehp · · Score: 5, Funny

    OMFG! I have a security flaw... but you have to be _root_ to execute it! AHHHHH It's the end of the world!

    I discovered a new one too... if you run rm -rf / as root you'll bork your system!

    We should all go back to windows, where rm doesn't exist ^_^

  3. And? Hol-e terror. by Anonymous Coward · · Score: 3, Funny

    "Yes, look for these sorts of things and find them but it's hardly worth the shock-factor of "Massive Hole Found In Linux" panic headlines."

    If I found Goatse.cx in Linux? I'd panic too.

  4. simply by Anonymous Coward · · Score: 5, Funny

    simply linked list

    As opposed to difficultly linked lists?

  5. Weakness In Linux Kernel's Binary Format by nick_davison · · Score: 5, Funny

    A weakness in the binary format? OK, who's to blame here, the ones or the zeroes?

    You'd have thought they'd have caught this sooner. It's not like it's that long of a list to exhaustively test.

  6. Re:Probably none. by TeraCo · · Score: 4, Funny
    but this is both time consuming and impossible

    Phew, I'm glad it's not just impossible. That might have been risky.

    --
    Not Meta-modding due to apathy.