One of the developers of the original Linux core has posted a vulnerability notice with details of a flaw that could allow a local user to assume control of a Linux computer.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Alan Cox, who worked with Linus Torvalds on the software that spawned the Linux operating system, sent an e-mail message to a mailing list for Linux kernel developers detailing a flaw in a debugging component known as ptrace. The flaw affects the Linux 2.2 and Linux 2.4 kernels, and a patch is available at http://www.spinics.net/lists/kernel/msg162986.html
Remote users could not use the flaw to obtain root privileges, or control of individual machines, Cox said in the e-mail. Only users who are already authorised to use a machine on a local network could exploit the flaw. Version 2.5 of Linux was unaffected.
Cox's employer, Red Hat, also posted a patch for Red Hat 7.1, 7.2, 7.3, and 8.0 at https://rhn.redhat.com/errata/RHSA-2003-098.html?tag=nl