News

Linux developer warns of vulnerability allowing root access

One of the developers of the original Linux core has posted a vulnerability notice with details of a flaw that could allow a local user to assume control of a Linux computer.

Alan Cox, who worked with Linus Torvalds on the software that spawned the Linux operating system, sent an e-mail message to a mailing list for Linux kernel developers detailing a flaw in a debugging component known as ptrace. The flaw affects the Linux 2.2 and Linux 2.4 kernels, and a patch is available at http://www.spinics.net/lists/kernel/msg162986.html

Remote users could not use the flaw to obtain root privileges, or control of individual machines, Cox said in the e-mail. Only users who are already authorised to use a machine on a local network could exploit the flaw. Version 2.5 of Linux was unaffected.

Cox's employer, Red Hat, also posted a patch for Red Hat 7.1, 7.2, 7.3, and 8.0 at https://rhn.redhat.com/errata/RHSA-2003-098.html?tag=nl


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy