Login   |   Secure Purdue > News

Linux 2.4 and 2.6 kernel vulnerability

A recently discovered vulnerability in the Linux 2.4 and 2.6 kernels can allow an attacker with local user privileges to gain root access using a widely distributed exploit for a NULL pointer reference caused by incorrect proto_ops initializations. As of August 17th, the issue is still unpatched and the vulnerability affects basically all distributions of Linux running on the 2.4 or 2.6 kernels.

More info:




Be on the lookout for patches soon, especially if you run an open Linux server.

Posted by Brett Davis on August 17, 2009, in Handlers Log.