Linux kernel security vuln fixed
Geplaatst: 06 jan 2004, 18:19
<img src="http://www.userbase.be/forum/images/portal/pinguin2.jpg" border="0" align="left"> Linux users are urged to patch their systems following yesterday's disclosure of a serious security vulnerability in Linux kernel software.
"The flaw stems from shortcomings in code used to control virtual memory (the mremap(2) system call)and can be exploited to run malicious code on vulnerable systems (as explained here).
Polish security outfit iSEC, which discovered the vuln, warns that "proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access".
The flaw affects the 2.2, 2.4 and 2.6 series Linux kernel, according to iSEC. Even though exploiting the vulnerability is far from straightforward, proof-of-concept exploit code has been created for the 2.4 kernel."
lees hierover meer
bron: The Register
"The flaw stems from shortcomings in code used to control virtual memory (the mremap(2) system call)and can be exploited to run malicious code on vulnerable systems (as explained here).
Polish security outfit iSEC, which discovered the vuln, warns that "proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access".
The flaw affects the 2.2, 2.4 and 2.6 series Linux kernel, according to iSEC. Even though exploiting the vulnerability is far from straightforward, proof-of-concept exploit code has been created for the 2.4 kernel."
lees hierover meer
bron: The Register
