---

Linux Kernel Hole Exploited, Despite Patch Release

The Register: Major Linux Security Glitch Lets Hackers in at
Claranet

“A major security vulnerability in the Linux kernel, which was
revealed on Sunday, has claimed its first confirmed UK victim in
business ISP Claranet.

“Hackers used a bug in the sys_vmsplice kernel call, which
handles virtual memory management, to gain root privileges and
replace Claranet customers’ index.html files with the hacker’s
calling card…”


Complete Story

Linux-Watch: Linux Hole Patched

“Not long after we reported that there was a major security hole
in Linux, the Linux kernel developers came up with a permanent
patch for the problem.

“The security hole was with the relatively new Linux kernel
system call sys_vmsplice. This system call moves data from a user
space memory address range via a pipe to another destination. It’s
present in Linuxes using the Linux kernel from Version 2.6.17 to
what had been the latest production Linux kernel, 2.6.24.1…”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis