News

Kernel flaw can crash Linux, warn security experts

A flaw in the Linux kernel allows a 20-line C program to crash most distributions using the 2.4 and 2.6 kernels running on x86 and x86-64 architectures, according to security researchers.

The problem means that anyone with an ordinary user account on a Linux machine can crash the entire server, according to Øyvind Sæther, who discovered the bug with Stian Skjelstad. Administrator access is not required.

"Using this exploit to crash Linux systems requires the user to have shell access or other means of uploading and running the program [such as cgi-bin and FTP access]," Sæther wrote in an advisory.

"This exploit has been reportedly used to take down several lame free-shell providers' servers."

Linux developers released a kernel patch to coincide with the advisory, available on kernel.org. Major Linux suppliers have also begun releasing their own versions of the fix, including Red Hat's Fedora Project and Gentoo Linux.

The most recent updates to the Linux kernel, to be available in version 2.6.7, fix the problem, according to Linus Torvalds.

The bug is in the way the kernel handles floating point exceptions, developers said. While it is serious, two factors limit the danger: it can only be exploited by someone with a valid user account and it does not allow the attacker to gain control of the system.

As Linux continues to grow in popularity and market share, security researchers and potential attackers are increasing their scrutiny on the operating system's underlying code, with the result that more problems are inevitably coming to light, said industry observers.

Microsoft has attempted to exploit this fact by showing open-source suppliers security efforts in an unfavourable light. This effort has been assisted by research such as Forrester Research's controversial "days of risk" study, which concluded that Linux suppliers had on average taken longer than Microsoft to release patches - a conclusion disputed by Linux companies.

Recently, Linux suppliers were forced to distribute patches for a critical flaw in CVS, a widely used program for collaborating on software development, that could have allowed a malicious user unauthorised access to development code.

The flaw, found by e-Matters, allows a user to exploit a "heap overflow" that could allow them to execute arbitrary code on the CVS server, according to Stefan Esser, chief security and technology officer at e-Matters.

Following the discovery of this bug, researchers decided to have a closer look at the CVS source code and discovered at least six more flaws, including one that could allow an attacker to take control of CVS from the internet.

Matthew Broersma writes for Techworld.com


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy