Linux Today: Linux News On Internet Time.





More on LinuxToday


Linux Users Face Risk From Kernel Vulnerability

Aug 19, 2010, 20:32 (3 Talkback[s])
(Other stories by Sean Michael Kerner)

"The Linux kernel has potentially been at risk from a flaw that has been present in Linux since 2003, according to a new finding from security researcher Invisible Things Lab. And while the flaw has now been patched in the mainline Linux kernel, it's not clear yet if all Linux distros have implemented the patch -- potentially leaving them open to exploitation by attackers.

"Security researcher Rafal Wojtczuk from Invisible Things Lab detailed the kernel flaw in a report (PDF format) released officially this week, although Linux developers and distros have been aware of the issue since at least June.

""A malicious authenticated client can force Xorg server to exhaust (or fragment) its address space," Wojtczuk wrote. "If running on Linux, this may result in the process stack top being in an unexpected region and execution of arbitrary code with server privileges (root)."

Complete Story

Related Stories: