Linux kernel exploit gets patched

Summary: A fix has been developed for a vulnerability in the Linux kernel that potentially leaves machines open to a privilege escalation exploit.

A fix has been developed for a vulnerability in the Linux kernel that was made public at the weekend.

The software flaw potentially leaves computers vulnerable to a privilege escalation exploit, which could be used to escalate a user or piece of software's privileges on the machine.

The exploit, which affects kernel versions 3.3 through to 3.8, was mentioned in a Common Vulnerabilities and Exposures request at the weekend.

The request detailed the vulnerability: "An unprivileged user can send a netlink message resulting in an out-of-bounds access of the sock_diag_handlers array which, in turn, allows userland to take over control while in kernel mode."

The vulnerability will be fixed in the Linux 3.9 kernel.

Topics: Linux, Security

About

Nick Heath is chief reporter for TechRepublic UK. He writes about the technology that IT-decision makers need to know about, and the latest happenings in the European tech scene.

Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.