Cracks in Linux Kernel Plugged

Open-source developers have released an upgrade to Version 2.4 of the kernel to fix a pair of security vulnerabilities, including one that could let attackers run their own code on target systems.

The maintainers of the Linux kernel have released a new version of the 2.4 series kernel to fix two security vulnerabilities, including one that enables attackers to escalate their privilege level and run arbitrary code.

Nearly a day after researchers disclosed the vulnerabilities, a young computer engineer posted proof-of-concept exploit code for one of the flaws—a virtual memory vulnerability—to a mailing list. The code, designed to run on x86 machines, was posted on the BugTraq security list.

The more serious of the two vulnerabilities is in a system call that deals with the way that addressable space is allocated and shifted in virtual memory areas. Because of a faulty bounds check, a local attacker could exploit this flaw to run his own code on the machine or disrupt other areas of the computers virtual memory, according to an advisory posted Monday by iSec Security Research, a Polish security organization.

The authors of the bulletin said that they have developed exploit code for the vulnerability and have found two separate attack vectors in the Linux 2.4 kernel.

This vulnerability is not found in the 2.6 series kernel, which is separate from the 2.4 series. Version 2.4.24 is the latest updated release that includes the security fixes.

The other flaw thats fixed in the new version relates to a device driver that can leak memory information to some unprivileged users.


(Editors Note: This story has been updated since its original posting to include information about the posting of exploit code.)