More vulnerabilities found in Linux kernel


More vulnerabilities found in Linux kernel

Daniel Thomas
Linux distributors Red Hat and Guardian Digital and open source developers rushed out a new version of the Linux kernel last week, after security experts discovered a vulnerability that could be exploited by malicious hackers.

The security hole was identified by iSEC Security Research. It warned that hackers could use the flaw, found in the "mremap" component of the Linux kernel, to create an invalid virtual memory area. Hackers could then destabilise the operating system or allow a malicious user to run attack code on the system.

Attackers would need local user access to the vulnerable machine, but would not need any special privileges on the Linux system to exploit the hole, iSEC said.

Another security flaw, which results in a device driver problem that could allow an intruder to read some of the memory the kernel uses, was also discovered last week.

Last week's warnings followed another critical flaw in version 2.4 of the Linux kernel, which emerged in December. Malicious hackers used that vulnerability to attack servers belonging to the Debian Project, which produces the Debian Linux distribution.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy