Language Selection

English French German Italian Portuguese Spanish

Bug exposes eight years of Linux kernel

Filed under

Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.

The bug involves the way kernel-level routines such as sock_sendpage react when they are left unimplemented. Instead of linking to a corresponding placeholder, (for example, sock_no_accept), the function pointer is left uninitialized. Sock_sendpage doesn't always validate the pointer before dereferencing it, leaving the OS open to local privilege escalation that can completely compromise the underlying machine.

"Since it leads to the kernel executing code at NULL, the vulnerability is as trivial as it can get to exploit," security researcher Julien Tinnes writes here. "An attacker can just put code in the first page that will get executed with kernel privileges."

rest here

More in Tux Machines

Today in Techrights

The BEST Android Phones Of 2015

Android has always been associated with the best known handsets, the best specs and for always being the platform with the most advanced features, whether imaging, processors or display technology. And 2015 was no exception. Apple’s iPhones have always been plenty powerful, but handsets from Samsung, LG and HTC have always strived to take things further, introducing never-before-seen-technology, features and USPs like water-and-dust-proofing, QHD screens and the first implementation of optical stabilised cameras (OIS) on mobile. Read more

KDE Plasma Screen Configuration Is Working On Wayland

Sebastian Kügler's latest KDE Wayland work has led him to discover that KScreen is now working on Wayland. Using KScreen for screen/monitor configuration with KDE Plasma on Wayland-based environments should now "just work" and is a step towards having suitable KDE Wayland multi-screen support. Read more

Turris Omnia Is a Linux-Based Powerful Open Source Router That Updates on the Fly

Turris Omnia is a new open source router that comes with powerful hardware and a Linux distro based on OpenWRT. It’s a smashing hit on Indiegogo, and there is still time to get one. Read more