---

Root privileges through Linux kernel bug – Update

“According to a reportPDF written by Rafal Wojtczuk, a
conceptual problem in the memory management area of Linux allows
local attackers to execute code at root level. The Linux issue is
caused by potential overlaps between the memory areas of the stack
and shared memory segments.

“As a potential attack scenario, Wojtczuk describes the X
Server, where the distance between the boundaries of the heap and
stack can be made very small by filling the memory with data such
as pixmaps. A subsequent request for a shared memory segment by the
attacker will result in the segment being added to the end of the
heap.”


Complete Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis