Language Selection

English French German Italian Portuguese Spanish

Quick Fix in Linux Kernel

Filed under
Linux

Just days after the much-anticipated Linux 2.6.12 kernel was officially released, an update has been issued to fix two security vulnerabilities.

Linux kernel developer Chris Wright announced the 2.6.12.1 security fix release late Wednesday.

One of the issues carries the CVE designation CAN-2005-1761 and was titled, "ia64 ptrace + sigrestore_context" in the Changelog for 2.6.12.1. According to Danish Research firm Secunia, the impact of this vulnerability is unknown.

The other fix is for an issue that is somewhat more dangerous and could lead to a Denial-of-Service (define) attack by a malicious user. The 2.6.12.1 changelog refers to the patch as "Clean up subthread exec" and refers to the CVE designation CAN-2005-1913.

An error had existed in the 2.6.12 kernel in the delivery of signals with a sub-thread "exec" on a pending timer.

"If subthread exec's with timer pending, signal is delivered to old group-leader and can panic kernel," the 2.6.12.1 changelog noted.

Causing a kernel to "panic" is a serious condition that in many cases causes a Linux system to shut down. According to security firm Secunia, the subthreat exec kernel panic issue could have been exploited by malicious, local users to cause a DoS attack.

The overall effect of the 2.6.12 flaws, however, is not likely to have a significant impact on Linux users. The 2.6.12 kernel was only officially released last Friday by Linux creator Linus Torvalds and has not made its way - yet -- into many Linux distributions.

The 2.6.12 Linux kernel introduces a number of new innovations to Linux including native support for Xen as well as SELinux.

Source.

More in Tux Machines

WebKitGTK+ 2.5.2 Drops GTK+2 Dependency

WebKitGTK+, a version of the WebKit open source web engine that uses GTK+ as its user-facing frontend, has reached version 2.5.2. Read more

today's leftovers

Proposed: A Tainted Performance State For The Linux Kernel

Similar to the kernel states of having a tainted kernel for using binary blob kernel modules or unsigned modules, a new tainting method has been proposed for warning the user about potentially adverse kernel performance. Dave Hansen of Intel has proposed a new "TAINT_PERFORMANCE" for the kernel that would proactively print a warning message about not using the kernel for any performance measurements. Dave explained in his RFC announcement, "I have more than once myself been the victim of an accidentally-enabled kernel configuration option being mistaken for a true performance problem. I'm sure I've also taken profiles or performance measurements and assumed they were real-world when really I was measuring the performance with an option that nobody turns on in production. A warning like this late in boot will help remind folks when these kinds of things are enabled." Read more

Scientific Linux 7.0 x86_64 BETA 3

Fermilab's intention is to continue the development and support of Scientific Linux and refine its focus as an operating system for scientific computing. Today we are announcing a beta release of Scientific Linux 7. We continue to develop a stable process for generating and distributing Scientific Linux, with the intent that Scientific Linux remains the same high quality operating system the community has come to expect. Please do not install Pre-Release software in your production environment. Read more