1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bug exposes eight years of Linux kernel

Discussion in 'News' started by Fergal1982, Aug 14, 2009.

  1. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211

    Bug exposes eight years of Linux kernel



    Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.

    The bug involves the way kernel-level routines such as sock_sendpage react when they are left unimplemented. Instead of linking to a corresponding placeholder, (for example, sock_no_accept), the function pointer is left uninitialized. Sock_sendpage doesn't always validate the pointer before dereferencing it, leaving the OS open to local privilege escalation that can completely compromise the underlying machine.

    Full Story: here
    I'm sure theres a dig to be had here somewhere...
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
porta2_tags:

Comments

    1. jk2447
      jk2447
      Good to know thanks
    2. Obinna Osobalu
      Obinna Osobalu
      With all the vociferousness about how secure Open-source is. As the popular saying goes, "Too many cooks spoil the broth". Actually, I don't seem surprised. :D
    3. ThomasMc
      ThomasMc
      This has been fixed already "yum update" :)

    Share This Page