2009-08-14, 06:44 AM
(This post was last modified: 2009-08-14, 04:05 PM by Dungeon-Dave.)
It's the end of the world. Again. According to some Linux developers and security researchers, a bug in the Linux kernel has just been uncovered that makes just about every distribution utilizing kernel 2.4 and 2.6 on just about all architectures since May of 2001 vulnerable to a certain kind of attack.
I'm not any sort of developer, so basically all of this makes no sense to me except that whatever comprises the aforementioned bug allows an attacker to escalate local privileges and completely compromise the entire system. Julien Tinnes, a security researcher who does know his way around kernel code, wrote the following details about the bug.
Quote: At first sight, the code in af_ipx.c looks correct and seems to initialize .sendpage properly. However, due to a bug in the SOCKOPS_WRAP macro, sock_sendpage will not be initialized. This code is very fragile and there are many other protocols where proto_ops are not correctly initialized at all (vulnerable even without the bug in SOCKOPS_WRAP)... Since it leads to the kernel executing code at NULL, the vulnerability is as trivial as it can get to exploit: an attacker can just put code in the first page that will get executed with kernel privileges.
more > http://www.osnews.com/story/21993/Eight_...Vulnerable
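
A user-space model of the bug class the quote describes, added here as an illustration and not taken from the kernel or from the post: an operations table whose `.sendpage` member is left out ends up holding a NULL function pointer, and the defensive pattern is to check for that at registration and at the call site. The struct, the handler names and `no_sendpage` are hypothetical stand-ins, not kernel identifiers.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical user-space model of a protocol operations table. */
struct model_proto_ops {
    const char *name;
    long (*sendmsg)(const char *buf, size_t len);
    long (*sendpage)(const char *page, size_t len);
};

static long demo_sendmsg(const char *buf, size_t len) { (void)buf; return (long)len; }
static long demo_sendpage(const char *page, size_t len) { (void)page; return (long)len; }

/* Safe default used when a protocol supplies no sendpage handler. */
static long no_sendpage(const char *page, size_t len) { (void)page; (void)len; return -1; }

/* Complete table: every handler is set. */
static const struct model_proto_ops complete_ops = {
    .name = "complete", .sendmsg = demo_sendmsg, .sendpage = demo_sendpage,
};

/* Incomplete table: .sendpage is omitted, so C initializes it to NULL. */
static const struct model_proto_ops incomplete_ops = {
    .name = "incomplete", .sendmsg = demo_sendmsg,
};

/* Registration-time check: count the handlers that were left NULL. */
int count_missing_handlers(const struct model_proto_ops *ops)
{
    return (ops->sendmsg == NULL) + (ops->sendpage == NULL);
}

/* Hardened dispatch: never call through a NULL function pointer. */
long checked_sendpage(const struct model_proto_ops *ops, const char *page, size_t len)
{
    if (ops->sendpage == NULL)
        return no_sendpage(page, len);
    return ops->sendpage(page, len);
}

int main(void)
{
    printf("%s: missing=%d result=%ld\n", complete_ops.name,
           count_missing_handlers(&complete_ops), checked_sendpage(&complete_ops, "x", 1));
    printf("%s: missing=%d result=%ld\n", incomplete_ops.name,
           count_missing_handlers(&incomplete_ops), checked_sendpage(&incomplete_ops, "x", 1));
    return 0;
}
```

Without the check in `checked_sendpage`, the call on the incomplete table would jump to address 0, which is the condition the quote calls "the kernel executing code at NULL".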