Language Selection

English French German Italian Portuguese Spanish

Quick Fix in Linux Kernel

Filed under
Linux

Just days after the much-anticipated Linux 2.6.12 kernel was officially released, an update has been issued to fix two security vulnerabilities.

Linux kernel developer Chris Wright announced the 2.6.12.1 security fix release late Wednesday.

One of the issues carries the CVE designation CAN-2005-1761 and was titled, "ia64 ptrace + sigrestore_context" in the Changelog for 2.6.12.1. According to Danish Research firm Secunia, the impact of this vulnerability is unknown.

The other fix is for an issue that is somewhat more dangerous and could lead to a Denial-of-Service (define) attack by a malicious user. The 2.6.12.1 changelog refers to the patch as "Clean up subthread exec" and refers to the CVE designation CAN-2005-1913.

An error had existed in the 2.6.12 kernel in the delivery of signals with a sub-thread "exec" on a pending timer.

"If subthread exec's with timer pending, signal is delivered to old group-leader and can panic kernel," the 2.6.12.1 changelog noted.

Causing a kernel to "panic" is a serious condition that in many cases causes a Linux system to shut down. According to security firm Secunia, the subthreat exec kernel panic issue could have been exploited by malicious, local users to cause a DoS attack.

The overall effect of the 2.6.12 flaws, however, is not likely to have a significant impact on Linux users. The 2.6.12 kernel was only officially released last Friday by Linux creator Linus Torvalds and has not made its way - yet -- into many Linux distributions.

The 2.6.12 Linux kernel introduces a number of new innovations to Linux including native support for Xen as well as SELinux.

Source.

More in Tux Machines

System76's Pop!_OS Linux to Get a Beta Release Next Week with HiDPI Improvements

System76 is getting ready to unleash the first Beta release of their upcoming Pop!_OS Linux distribution, which should be available to download next week based on the Ubuntu 17.10 Final Beta. It appears that System76's development team recently dropped focus on the Pop!_OS Installer, which they develop in collaboration with the elementary OS team, to concentrate on fixing critical bugs and add the final touches to the Beta release. They still need to add some patches to fix backlight brightness issues on Nvidia GPUs. Read more

Server: Red Hat, Security, Samba, Docker, Microsoft Canonical and MongoDB

PocketBeagle and Android

Desktop: AKiTiO Node, Ubuntu Podcast, Vivaldi, Chromium and HUION PenTablet

  • AKiTiO Node: Testing NVIDIA eGPU Support in Ubuntu 17.10
    Ever since the announcement of Intel’s Thunderbolt 3 technology there has been external graphics card (eGPU) support. Unfortunately for most of last year, including with Intel’s own Skull Canyon NUC, putting this solution to use was challenging at best. Most motherboards didn’t fully support the technology and those that did typically required a system that was far more expensive. For example, the Skull Canyon NUC at release was $700, unconfigured. Adding SSDs and RAM usually bumped that up well over $1000.
  • Ubuntu Podcast from the UK LoCo: S10E29 – Adamant Terrible Hammer
    It’s Season Ten Episode Twenty-Nine of the Ubuntu Podcast! Alan Pope, Martin Wimpress, Marius Quabeck, Max Kristen, Rudy and Tiago Carrondo are connected and speaking to your brain.
  • Vivaldi 1.12 Web Browser Debuts with Highly Requested Features, Improvements
    Vivaldi, the Chromium-based web browser designed with the power user in mind, has been recently updated to version 1.12, a release that introduces highly requested features and a whole lot of under-the-hood improvements. There are three big new features implemented in Vivaldi 1.12. The first is a built-in Image Properties feature that works when you right-click on an image on the Web, showing you a bunch of useful information, such as camera model, depth of field, ISO sensitivity, focal length, exposure, histogram, time and date, and white balance.
  • Chromium Will Soon Let You Browse the Web in VR with a Daydream View Headset
    Chromium evangelist François Beaufort posted today on his Google+ profile information regarding the VR (Virtual Reality) capabilities of the open-source web browser, which is the base of Chrome OS and Google Chrome. It would appear that the Chromium team is working on a set of new virtual reality features for the web browser, which means that more VR goodies are coming to popular Chromium-based web browsers like Opera, Vivaldi, and Google Chrome.
  • libinput and the HUION PenTablet devices
    HUION PenTablet devices are graphics tablet devices aimed at artists. These tablets tend to aim for the lower end of the market, driver support is often somewhere between meh and disappointing. The DIGImend project used to take care of them, but with that out of the picture, the bugs bubble up to userspace more often.