Linux 2.4 and 2.6 kernel vulnerability

A recently discovered vulnerability in the Linux 2.4 and 2.6 kernels can allow an attacker with local user privileges to gain root access using a widely distributed exploit for a NULL pointer reference caused by incorrect proto_ops initializations. As of August 17th, the issue is still unpatched and the vulnerability affects basically all distributions of Linux running on the 2.4 or 2.6 kernels.

More info:

http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html

http://www.securityfocus.com/bid/36038

https://bugzilla.redhat.com/show_bug.cgi?id=516949

Be on the lookout for patches soon, especially if you run an open Linux server.

Posted by Brett Davis on August 17, 2009, in Handlers Log.

Purdue University, 610 Purdue Mall, West Lafayette, IN 47907, (765) 494-4600

© 2016 Purdue University | An equal access/equal opportunity university | Integrity Statement | Copyright Complaints | Maintained by ITaP

Trouble with this page? Disability-related accessibility issue? Please contact ITaP at itap@purdue.edu.

PDF files can be viewed in Adobe Acrobat Reader.