Linux Today: Linux News On Internet Time.

Root privileges through Linux kernel bug - Update

Aug 18, 2010, 18:42 (0 Talkback[s])

"According to a reportPDF written by Rafal Wojtczuk, a conceptual problem in the memory management area of Linux allows local attackers to execute code at root level. The Linux issue is caused by potential overlaps between the memory areas of the stack and shared memory segments.

"As a potential attack scenario, Wojtczuk describes the X Server, where the distance between the boundaries of the heap and stack can be made very small by filling the memory with data such as pixmaps. A subsequent request for a shared memory segment by the attacker will result in the segment being added to the end of the heap."

Complete Story

Related Stories: