RDS Protocol Bug Creates a Linux Kernel Hole, Now Fixed

Posted by timothy on Thursday October 21, 2010 @06:23AM from the what-does-the-sky-think-as-it-falls dept.

Trailrunner7 writes "The open-source Linux operating system contains a serious security flaw that can be exploited to gain superuser rights on a target system. The vulnerability, in the Linux implementation of the Reliable Datagram Sockets (RDS) protocol, affects unpatched versions of the Linux kernel, starting from 2.6.30, where the RDS protocol was first included." The article goes on to say, though, that "Linux installations are only vulnerable if the CONFIG_RDS kernel configuration option is set, and if there are no restrictions on unprivileged users loading packet family modules, as is the case on most stock distributions," and that Linus Torvalds has committed a fix.

2 of 89 comments (clear)

Min score:

Reason:

Sort:

Exasperated Linus by BadAnalogyGuy · 2010-10-21 06:31 · Score: 0, Troll

It must piss him off to no end when people add broken features like this to his operating system.
If it were MS, it would be months later by Maarek · 2010-10-21 06:58 · Score: 0, Troll

Until the fix was sent out to everyone. Even though Apple and MS people find something like this with Linux, the issue is immediately fixed and distributed overnight rather then waiting for a committee from Microsoft to fix the problem months from now.