Month of Kernel Bugs: Linux in the lead
At this point in time, nine vulnerabilities in operating system kernels have been publicised as part of the Month of Kernel Bugs. Following on July's Month of Browser Bugs initiated by H.D. Moore, a similar project to highlight security vulnerabilities has been announced for November under the title "Month of Kernel Bugs" (MoKB). The project's initiators intend to release one security hole per day for the various operating system kernels. Up until now, fuzzing tools like "fsfuzzer" and "fs-bugs" have been used to turn up the errors.
Three of the publicised holes affect Linux kernel 2.6, two FreeBSD 6.1, two Mac OS X, one Solaris and one Windows. Proof of concept exploits have already been released for seven of the vulnerabilities, demonstrating the problems in the respective kernels.
No patches have been released for any of the vulnerabilities as yet.