More vulnerabilities found in Linux kernel

News

More vulnerabilities found in Linux kernel

Daniel Thomas
Linux distributors Red Hat and Guardian Digital and open source developers rushed out a new version of the Linux kernel last week, after security experts discovered a vulnerability that could be exploited by malicious hackers.

The security hole was identified by iSEC Security Research. It warned that hackers could use the flaw, found in the "mremap" component of the Linux kernel, to create an invalid virtual memory area. Hackers could then destabilise the operating system or allow a malicious user to run attack code on the system.

Attackers would need local user access to the vulnerable machine, but would not need any special privileges on the Linux system to exploit the hole, iSEC said.

Another security flaw, which results in a device driver problem that could allow an intruder to read some of the memory the kernel uses, was also discovered last week.

Last week's warnings followed another critical flaw in version 2.4 of the Linux kernel, which emerged in December. Malicious hackers used that vulnerability to attack servers belonging to the Debian Project, which produces the Debian Linux distribution.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy