SearchEnterpriseLinux: Serious Security Flaw Fixed in Linux Kernel
Jan 07, 2004, 14:00
(Other stories by Michael S. Mimoso)
"A new version of the 2.4 Linux kernel was released overnight
that addresses a serious security hole that could enable any user
to escalate his privileges on a machine and run code.

"The flaw lies in the memory management code in the mremap
system call in versions up to and including 2.4.23. Mremap resizes
and moves processes into virtual memory areas (VMAs). An incorrect
bounds check could lead to a malicious VMA that could disrupt other
areas of the kernel's memory management subroutines, according to
an alert released by Polish research firm iSEC Security Research.

"Researcher Paul Starzetz, who discovered the flaw, said his
team concentrated on the 2.4 kernel, but he said it is possible the
recently released 2.6 kernel is affected as well..."