Language Selection

English French German Italian Portuguese Spanish

Quick Fix in Linux Kernel

Filed under
Linux

Just days after the much-anticipated Linux 2.6.12 kernel was officially released, an update has been issued to fix two security vulnerabilities.

Linux kernel developer Chris Wright announced the 2.6.12.1 security fix release late Wednesday.

One of the issues carries the CVE designation CAN-2005-1761 and was titled, "ia64 ptrace + sigrestore_context" in the Changelog for 2.6.12.1. According to Danish Research firm Secunia, the impact of this vulnerability is unknown.

The other fix is for an issue that is somewhat more dangerous and could lead to a Denial-of-Service (define) attack by a malicious user. The 2.6.12.1 changelog refers to the patch as "Clean up subthread exec" and refers to the CVE designation CAN-2005-1913.

An error had existed in the 2.6.12 kernel in the delivery of signals with a sub-thread "exec" on a pending timer.

"If subthread exec's with timer pending, signal is delivered to old group-leader and can panic kernel," the 2.6.12.1 changelog noted.

Causing a kernel to "panic" is a serious condition that in many cases causes a Linux system to shut down. According to security firm Secunia, the subthreat exec kernel panic issue could have been exploited by malicious, local users to cause a DoS attack.

The overall effect of the 2.6.12 flaws, however, is not likely to have a significant impact on Linux users. The 2.6.12 kernel was only officially released last Friday by Linux creator Linus Torvalds and has not made its way - yet -- into many Linux distributions.

The 2.6.12 Linux kernel introduces a number of new innovations to Linux including native support for Xen as well as SELinux.

Source.

More in Tux Machines

Debian and Enlightenment Combined in the Beautiful Elive OS – Gallery

Elive is a Linux distribution that uses Debian as a base and Enlightenment as the default desktop environment. It provides a different experience from what users might get in other operating systems and the developers have just updated the OS yet again. Read more

Linux 3.18 Kernel: Not Much Change With Intel Haswell Performance

For those wondering whether there will be any exciting improvements with the Intel DRM graphics driver in the Linux 3.18 kernel, here's some OpenGL performance benchmarks. At least when carrying out performance tests with Mesa Git master (now at Mesa 10.5.0-devel), there doesn't appear to be any significant performance improvements when testing with an Intel Core i7 4770K "Haswell" CPU bearing HD Graphics 4600. When comparing the stable Linux 3.16.0, 3.17.0, and 3.18.0 Git daily kernels for this system with standard HD Graphics 4600, there really isn't exciting about this latest Linux kernel. Read more

Android 5.0 dev kits simplify octacore Snapdragon designs

Intrinsyc unveiled an Android 5.0 dev platform for the Snapdragon 810 SoC in phone, tablet, SBC, and COM versions that debut DDR4 and TransferJet tech. Intrinsyc Technologies has released three Android 5.0 development platforms, as well as a computer-on-module, supporting the Qualcomm Snapdragon 810 system-on-chip: Read more

today's howtos