Posted on 08/13/2009 10:09:28 PM PDT by zeugma
From Slashdot:
"Tavis Ormandy and Julien Tinnes have discovered a severe security flaw in all 2.4 and 2.6 kernels since 2001 on all architectures. 'Since it leads to the kernel executing code at NULL, the vulnerability is as trivial as it can get to exploit: an attacker can just put code in the first page that will get executed with kernel privileges.'"
Note: this is a local exploit, not remote. Looks like the fix for this is in the current tree and is being run through the standard processes. The above link includes all the gory details.
Tech ping for Linux folk. Appears to be an error with processing null pointers. Can’t believe those things are still around.
Patch is already committed by Linux. Linux admins should update.
If you have physical access to a Linux computer, unless you have information encrypted, it’s not hard to get in.
Fixed that for you.
You're welcome.
The issue with this particular defect is that it allows any local user to exploit it. Unlike MS-Windows, many Unix systems have multiple users that can all be logged in remotely at the same time. Basically, if you have shell access, you can r00t the box. There appear to be ways to mitigate the vulnerability, such as turning off IPX and some other services.
If you're a home user that doesn't allow other folks to log in to your box, this issue really doesn't affect you. I'm not worrying about the various Linux boxes I have around the house, as I tend to trust my wife and mother-in-law not to try to hack our workstations. Systems administrators that allow shell access should be concerned though.
There, fixed it for you. I subscribe to the old-school admin theories.
/johnny
sudo yum -y update
reboot
Sucks to lose your uptime stats.
Sometimes you can't do that though. For instance a web-hosting company that provides shell access.
I escalated his case to management, who kneecapped him into submission. You have to have good management to fall back on.
/johnny
Is there an official patch release level for 2.4 and 2.6 kernels that reflects the fix? I had a ton of patches on my Fedora 10 systems last weekend.
My work laptop is a Fedora 11 box and I also had a series of patches as well. In fact, I believe I will have to down rev udev in order to restore automount function for CD/DVD drive.
However, I do not know if the patches reflect the fix for this as Linus did not “mainstream” the patch till the 13th. I assume the security patch I received on the 13th included this but I am not sure. And to be honest, don’t really have a significant input or exposure as there are no other users on my laptop. This vulnerability is primarily targeted at those systems that are multi-user as it is a local exploit.
I know this is probably a very stupid question, but what would happen if you could get the hardware to trap when anyone calls a null function pointer?