The security hole was identified by iSEC Security Research. It warned that hackers could use the flaw, found in the "mremap" component of the Linux kernel, to create an invalid virtual memory area. Hackers could then destabilise the operating system or allow a malicious user to run attack code on the system.
Attackers would need local user access to the vulnerable machine, but would not need any special privileges on the Linux system to exploit the hole, iSEC said.
Another security flaw, which results in a device driver problem that could allow an intruder to read some of the memory the kernel uses, was also discovered last week.
Last week's warnings followed another critical flaw in version 2.4 of the Linux kernel, which emerged in December. Malicious hackers used that vulnerability to attack servers belonging to the Debian Project, which produces the Debian Linux distribution.