Featured Articles

Apple iPad Air 2 costs $275 to build

Apple iPad Air 2 costs $275 to build

IHS has told Recode that the Apple iPad Air 2 16GB Wifi costs only $275 to build -- not bad…

More...
LG sells 16.8 million smartphones in Q3 14

LG sells 16.8 million smartphones in Q3 14

As Samsung is losing market share, another Korean company, which many had written off, is gaining.

More...
LG G Watch R EU price set at €299

LG G Watch R EU price set at €299

LG G Watch R is probably the best looking Android Wear device on the market and many have been waiting for…

More...
Nvidia GTX 970 SLI tested

Nvidia GTX 970 SLI tested

Nvidia recently released two new graphics cards based on its latest Maxwell GPU architecture, with exceptional performance-per-watt. The Geforce GTX 970…

More...
Gainward GTX 970 Phantom previewed

Gainward GTX 970 Phantom previewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 22 October 2010 12:19

Linux has a serious security flaw

Written by Nick Farell


Deep in the kernel
Insecurity outfit VSR Security has warned that the Linux operating system contains a serious security flaw that can be exploited to gain superuser rights on a target system.

The vulnerability, in the Linux implementation of the Reliable Datagram Sockets (RDS) protocol, affects unpatched versions of the Linux kernel, starting from 2.6.30, where the RDS protocol was first included. VSR Security said that Linux installations are only vulnerable if the CONFIG_RDS kernel configuration option is set, and if there are no restrictions on unprivileged users loading packet family modules, as is the case on most stock distributions.

Kernel functions responsible for copying data between kernel and user space. If they don't verify that a user-provided address resided in the user segment, a local attacker could issue specially crafted socket function calls to write arbritrary values into kernel memory. Once they have done that it is a doddle to escalate privileges to root.

The outfit has been showing off a proof-of-concept exploit to demonstrate the severity of the vulnerability.  The exploit was tested on Ubuntu 10.04 (64-bit) and opened a root shell.  There is a patch available and the problem will be fixed in the next Kernel upgrade.

Nick Farell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments