Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Bug exposes Linux users

Mar 13, 2004 8:41AM PST

Source: vnunet.com
Date Written: March 11, 2004
Date Collected: March 12, 2004

Researchers at Polish security consultancy ISec have issued a warning to Linux users about a "critical" kernel vulnerability affecting Linux versions from 2.2 onwards. The flaw, "in the Linux kernel memory management code in the mremap(2) system call," is caused by a missing function return value check. According to the advisory, a malicious attacker with access to a locally connected PC could exploit the problem to gain root access to a vulnerable system or cause a denial of service. Patches to fix the flaw have been released by major Linux vendors, including Suse Linux and Red Hat. Some media reports dispute whether this is, in fact, a new vulnerability or simply an update to an advisory about an existing flaw.

http://www.vnunet.com/News/1153435

Discussion is locked