Linux kernel exploit roots 64-bit machines

Summary:An exploit for the Linux kernel is being used in the wild to compromise an increasing number of machines, security organisations have warned

Attackers have used a freely available exploit to target a number of 64-bit Linux machines, according to a Linux patch management software firm.

The exploit is particularly pernicious, as it can leave a backdoor on systems that have workarounds deployed, according to rebootless Linux security update company Ksplice. The stack pointer underflow weakness has been given a common vulnerability code of CVE-2010-3081.

"In the last day, we've received many reports of people attacking production systems using an exploit for this vulnerability, so if you run Linux systems, we recommend that you strongly consider patching this," said Ksplice chief executive Jeff Arnold in a blog post on Saturday.

Exploit code was made available on the Full Disclosure mailing list on Wednesday. Arnold said that the flaw was introduced into the Linux kernel in 2008 and involves every 64-bit Linux distribution.

"Essentially every distribution is affected, including RHEL, CentOS, Debian, Ubuntu, Parallels Virtuozzo Containers, OpenVZ, CloudLinux, and SuSE, among others," said Arnold.

Red Hat said in an advisory that it had patched its Red Hat Enterprise Linux (RHEL) software on Sunday.

The flaw was reported by security researcher Ben Hawkes on 7 September, and patched by Linux kernel developers on 14 September.

Security organisation Sans Institute said on Sunday that it recommended Linux administrators patch the kernel, and use Ksplice software to check machines for the problem.

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.