Multiple flaws reported in Linux

Multiple flaws reported in Linux

Summary: Vulnerabilities affecting the Linux kernel up to 2.6.24.1 have been reported, affecting Ubuntu, Suse, Red Hat, Mandrake and Debian distributions

SHARE:
TOPICS: Security
1

Multiple vulnerabilities have been reported in many iterations and distributions of Linux.

The flaws, as reported by Linux vulnerability researcher Jens Axboe on Wednesday, affect versions of Ubuntu, Suse, Red Hat, Mandrake, Debian and iterations of the Linux kernel up to, but not including, Linux 2.6.24.1.

The most serious flaw is a memory-access vulnerability. Rated as "high" severity (the second highest rating) by the US National Vulnerability Database, the memory-access validation flaw allows a local attacker to gain root administrator privileges via "crafted arguments in a vmsplice system call".

Exploit code for this vulnerability is available online.

Security site SecurityFocus has provided links to patches for these vulnerabilities.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • Already Fixed before your story!!

    A patch to block the main security vulnerability was issued within hours of identification. Permanent patch was issued Feb 10, before your story!
    You might want to compare that to Microsoft who on average, take months to patch even serious security flaws, not to mention the hundreds of flaws in comparison to a few in Linux.
    metsteve