dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


Linux Kernel Hole Exploited, Despite Patch Release

Feb 14, 2008, 14:30 (2 Talkback[s])

The Register: Major Linux Security Glitch Lets Hackers in at Claranet

"A major security vulnerability in the Linux kernel, which was revealed on Sunday, has claimed its first confirmed UK victim in business ISP Claranet.

"Hackers used a bug in the sys_vmsplice kernel call, which handles virtual memory management, to gain root privileges and replace Claranet customers' index.html files with the hacker's calling card..."

Complete Story

Linux-Watch: Linux Hole Patched

"Not long after we reported that there was a major security hole in Linux, the Linux kernel developers came up with a permanent patch for the problem.

"The security hole was with the relatively new Linux kernel system call sys_vmsplice. This system call moves data from a user space memory address range via a pipe to another destination. It's present in Linuxes using the Linux kernel from Version 2.6.17 to what had been the latest production Linux kernel, 2.6.24.1..."

Complete Story

Related Stories: