Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bug In Most Linuxes Can Give Untrusted Users Root

Posted by kdawson on from the patchin'-place dept.

Red Midnight and other readers brought to our attention a bug in most deployed versions of Linux that could result in untrusted users getting root access. The bug was found by Brad Spengler last month. "The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution... doesn't properly implement that protection... The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap_min_addr feature. ... [Spengler] said many other Linux users are also vulnerable because they run older versions or are forced to turn off [mmap_min_addr] to run certain types of applications." The register reprints a dialog from the OpenBSD-misc mailing list in which Theo De Raadt says, "For the record, this particular problem was resolved in OpenBSD a while back, in 2008. We are not super proud of the solution, but it is what seems best faced with a stupid Intel architectural choice. However, it seems that everyone else is slowly coming around to the same solution."

3 of 281 comments (clear)

  1. Re:obvious troll is obvious. by zennyboy · · Score: 1, Offtopic

    OK then; I reply to myself rather than attaching this to any one particular reply. But Flaimbait?? Really? I thought it was a reasonably concise, intelligent reply. It may be that my observation had been made before about other similar situations, but then, in similar situations, of-course people will make similar replies. I had not read about the other bugs in the Linux kernel, but I do see people hammering Windows day after day after day. And these comments get modded up day after day after day. Why am I a troll? Why is my comment Flaimbait? It was not intentional but perhaps it reflects Slashdot mentality?

  2. Re:obvious troll is obvious. by zennyboy · · Score: 0, Offtopic

    I have to say, I smiled IRL at your comment! I am not in a hole and nor will I be. This is Slashdot, not RL! If anyone here actually cares about replies to their comments, they need to look out the window :-) So my comments have sparked discussion (as proven by my inbox) then this is great. This is why we read Slashdot, no? To comment and counter comment? I only object to being smeared as a Troll and Flaimbait'er. People who comment and counter-comment get my vote. People whom click -1 Troll... Psst.

  3. Re:obvious troll is obvious. by s2theg · · Score: 0, Offtopic

    OX : OXEN : : LINUX : LINUXEN