Linux kernel exploit gets patched

A fix has been developed for a vulnerability in the Linux kernel that potentially leaves machines open to a privilege escalation exploit.

A fix has been developed for a vulnerability in the Linux kernel that was made public at the weekend.

The software flaw potentially leaves computers vulnerable to a privilege escalation exploit, which could be used to escalate a user or piece of software's privileges on the machine.

The exploit, which affects kernel versions 3.3 through to 3.8, was mentioned in a Common Vulnerabilities and Exposures request at the weekend.

The request detailed the vulnerability: "An unprivileged user can send a netlink message resulting in an out-of-bounds access of the sock_diag_handlers array which, in turn, allows userland to take over control while in kernel mode."

The vulnerability will be fixed in the Linux 3.9 kernel.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All