/>
X
Business

Holes found in Linux Ubuntu kernel

Almost 40 vulnerabilities have been discovered in the kernel of Linux Ubuntu 10.04, also known as Lucid Lynx, which is a long-term support version of the operating system.
Written by Darren Pauli, Contributor on

Almost 40 vulnerabilities have been discovered in the kernel of Linux Ubuntu 10.04, also known as Lucid Lynx, which is a long-term support version of the operating system.

The holes, which allow remote and local exploits, also apply to corresponding versions of Kubuntu, Edubuntu and Xubuntu. The vulnerabilities include an issue with the way the Common Internet File System validates Internet Control Message Protocol (ICMP) response packets. The issue allows an attacker to send denial-of-service crafted packets. In addition, a hole in the Network File System v4 (NFSv4) bungles certain write requests allowing malicious users to craft traffic to gain root privileges.

"If you block ICMP you will get UDP (User Datagram Protocol) trouble because it does not have reliability built into it. You will get ICMP messages back," Securus Global researcher Declan Ingram said. "Being able to cause a kernel panic with an ICMP unreachable message is bad."

For more on this story, read Ubuntu peppered with holes on ZDNet Australia.

Editorial standards

Related

The 16 best Cyber Monday deals under $30 still available
Amazon Fire TV Stick 4K

The 16 best Cyber Monday deals under $30 still available

These file types are the ones most commonly used by hackers to hide their malware
getty-a-woman-looking-at-a-laptop-with-a-concerned-expression.jpg

These file types are the ones most commonly used by hackers to hide their malware

Don't waste your money on these Apple products: December 2022 edition
Waiting in line for the Apple Store

Don't waste your money on these Apple products: December 2022 edition