Short bio: Computer Scientist, FOSS supporter (read more)
Tux Machines (TM)-specific
Two new vulnerabilities affecting Linux were uncovered this week that could potentially be used by malicious hackers to gain root privileges.
One vulnerability, which was reported on Tuesday by security firm VSR, arises from a flaw in the implementation of the Reliable Datagram Sockets protocol (RDS) in versions 2.6.30 through 2.6.36-rc8 of the Linux kernel.
Known as CVE-2010-3904, the bug could allow a local attacker to issue specially crafted socket function calls to write arbitrary values into kernel memory and thereby escalate privileges to root, giving the attacker "superuser," administrator status.