Language Selection

English French German Italian Portuguese Spanish

Quick Fix in Linux Kernel

Filed under

Just days after the much-anticipated Linux 2.6.12 kernel was officially released, an update has been issued to fix two security vulnerabilities.

Linux kernel developer Chris Wright announced the security fix release late Wednesday.

One of the issues carries the CVE designation CAN-2005-1761 and was titled, "ia64 ptrace + sigrestore_context" in the Changelog for According to Danish Research firm Secunia, the impact of this vulnerability is unknown.

The other fix is for an issue that is somewhat more dangerous and could lead to a Denial-of-Service (define) attack by a malicious user. The changelog refers to the patch as "Clean up subthread exec" and refers to the CVE designation CAN-2005-1913.

An error had existed in the 2.6.12 kernel in the delivery of signals with a sub-thread "exec" on a pending timer.

"If subthread exec's with timer pending, signal is delivered to old group-leader and can panic kernel," the changelog noted.

Causing a kernel to "panic" is a serious condition that in many cases causes a Linux system to shut down. According to security firm Secunia, the subthreat exec kernel panic issue could have been exploited by malicious, local users to cause a DoS attack.

The overall effect of the 2.6.12 flaws, however, is not likely to have a significant impact on Linux users. The 2.6.12 kernel was only officially released last Friday by Linux creator Linus Torvalds and has not made its way - yet -- into many Linux distributions.

The 2.6.12 Linux kernel introduces a number of new innovations to Linux including native support for Xen as well as SELinux.


More in Tux Machines

A History Of Everyday Linux User's 350 Blog Posts

This article is something of a landmark as it is the 350th post on Everyday Linux User. I took last week off to celebrate. Well actually I went away with the family down to England for a few days and didn't take a computer with me. I did take in Alnwick Castle however which is the location for Hogwarts from the Harry Potter films. Read more

Kodi 17 "Krypton" Beta 4 Released with ARMv8A 64-bit Builds for Android, Fixes

Today, October 25, 2016, Martijn Kaijser had the great pleasure of announcing the release and immediate availability of the fourth, and probably the last Beta milestone of the upcoming Kodi 17 open-source and cross-platform media center software. Read more

GNOME's Epiphany 3.24 Web Browser to Use Firefox Sync Service, HTTPS Everywhere

The GNOME developers are preparing to release the first development version of the upcoming GNOME 3.24 desktop environment, versioned 3.23.1, and we can't help but notice that some of the core apps were updated recently. Read more

Suse: Question. What do you call second-place in ARM enterprise server linux? Answer: Red Hat

ARM TechCon Suse is claiming victory over Red Hat by announcing – and these caveats are all crucial – "the first commercial enterprise Linux distribution optimized for ARM AArch64 architecture servers." In plainer English, Suse has developed an enterprise-grade Linux distribution that runs on 64-bit ARM servers (should you happen to ever find one). Suse claims this software is a world first because it is a finished commercial product, thus beating Red Hat to the punch: Red Hat Enterprise Linux Server for ARM is still only available as a beta-like development preview. Read more