Article

Update: No new flaw in Linux kernel

Michael S. Mimoso, Editorial Director

A story published yesterday by SearchEnterpriseLinux.com incorrectly reported that a third mremap vulnerability had been discovered in the Linux kernel.

Separate and unrelated flaws had been reported in the memory management system call in January and February. On March 1, researcher Paul Starzetz released an update to his

    Requires Free Membership to View

initial advisory that a robust proof-of-concept exploit code had been produced for the flaw detailed in February.

"The vulerability is very easy to exploit once you have got local (shell) access to the system," Starzetz said in an e-mail to SearchEnterpriseLinux.com.

The flaws enable attackers to gain root access to vulnerable systems, Starzetz said.

"Both bugs have been found in the same piece of code. The first one [released Jan. 5] was due to invalid argument input to the mremap system call. The second [released Jan. 18] concerns an unchecked use of the do_munmap internal kernel function inside the mremap code which may be forced to fail by preparing the virtual memory of the calling process in a special way," Starzetz said.

The flaw, deemed critical, was discovered by Starzetz and his research team at Polish security consultancy ISec. Kernel versions up to and including 2.2.25, 2.4 to 2.4.24 and 2.6 and up are affected and should be repaired immediately by downloading fixes from kernel.org or a Linux distributor.

"Since no special privileges are required to use the mremap system call any process may use its unexpected behavior to disrupt the kernel memory management subsystem," said an alert from iSec. "Proper exploitation of this vulnerability leads to local privilege escalation giving an attacker full super-user privileges."


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: