Linux kernel exploit gets patched

A fix has been developed for a vulnerability in the Linux kernel that potentially leaves machines open to a privilege escalation exploit.

A fix has been developed for a vulnerability in the Linux kernel that was made public at the weekend.

The software flaw potentially leaves computers vulnerable to a privilege escalation exploit, which could be used to raise the privileges of a user or piece of software on the machine.

The flaw, which affects kernel versions 3.3 through to 3.8, was mentioned in a Common Vulnerabilities and Exposures request at the weekend.

The request detailed the vulnerability: "An unprivileged user can send a netlink message resulting in an out-of-bounds access of the sock_diag_handlers array which, in turn, allows userland to take over control while in kernel mode."

The vulnerability will be fixed in the Linux 3.9 kernel.
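The bug class the request describes, a handler table indexed by a field taken from an untrusted message, can be shown in a small user-space model with the index validated before the table is read. This is an added example, not kernel code and not the actual patch; `MODEL_AF_MAX`, `struct diag_req`, `struct diag_handler` and the function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MODEL_AF_MAX 40  /* assumed table size for this model */

/* Hypothetical handler type: one callback per address family. */
struct diag_handler { int (*dump)(const void *payload, size_t len); };
/* Per-family handler table, modelled on the array named in the request. */
static const struct diag_handler *handlers[MODEL_AF_MAX];

/* Constructed request header: the sender fully controls both fields. */
struct diag_req { uint8_t family; uint8_t protocol; };

/* Stand-in for real work: report the payload size. */
static int inet_dump(const void *p, size_t len) { (void)p; return (int)len; }
static const struct diag_handler inet_handler = { inet_dump };

int diag_register(unsigned family, const struct diag_handler *h)
{
    if (family >= MODEL_AF_MAX)
        return -EINVAL;
    handlers[family] = h;
    return 0;
}

/* Dispatch a received message; every check precedes the table read. */
int diag_dispatch(const void *msg, size_t len)
{
    struct diag_req req;
    if (len < sizeof(req))            /* truncated: no full header */
        return -EINVAL;
    memcpy(&req, msg, sizeof(req));
    if (req.family >= MODEL_AF_MAX)   /* reject index outside the table */
        return -EINVAL;
    if (!handlers[req.family] || !handlers[req.family]->dump)
        return -ENOENT;               /* in range, nothing registered */
    return handlers[req.family]->dump((const char *)msg + sizeof(req),
                                      len - sizeof(req));
}

int main(void)
{
    const unsigned char oob[] = { 200, 0 };  /* constructed: family 200 */
    diag_register(2, &inet_handler);
    printf("%d\n", diag_dispatch(oob, sizeof(oob)));  /* negative EINVAL */
    return 0;
}
```

Without the range check in `diag_dispatch`, a family value of 200 would read a pointer from memory past the end of the 40-entry table and call through it, which is the out-of-bounds access the request describes.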