---

sendmail.net: Serious Linux Kernel Bug Discovered

[ Thanks to Mark
Durham
for this link. ]

“A serious bug has been discovered in the Linux kernel that can
be used by local users to gain root access. The problem, a
vulnerability in the Linux kernel capability model, exists in
kernel versions up to and including version 2.2.15. According to
Alan Cox, a key member of the Linux developer community, “It will
affect programs that drop setuid state and rely on losing saved
setuid, even those that check that the setuid call succeeded.”

To ensure that this vulnerability cannot be exploited by
programs running on Linux, Linux users are advised to update to
kernel version 2.2.16 immediately.

“Because this vulnerability can be used to attack any setuid
root program that attempts to cede special permissions – including
sendmail – a patched version of sendmail has been released that
checks for this vulnerability in the kernel. If it is present,
sendmail refuses to run, making it impossible to use sendmail to
exploit the problem. The patched version, sendmail 8.10.2, also
does more detailed checks on certain system calls – notably
setuid(2) – to detect other possible attacks. While programs like
sendmail and procmail are possible vectors of attack, sources in
the Linux development community have emphasized that “this is a
problem with Linux, not with sendmail.”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis