
Denial-of-service flaw fixed in Linux kernel

By Bill Brenner, News Writer
Michael S. Mimoso, Senior News Editor
15 Jul 2004 | SearchOpenSource.com


Gentoo has fixed a vulnerability in the 2.6 Linux kernel that could be exploited for a remote denial-of-service attack. The company calls this a "high-impact" flaw and recommends users update to newer versions of the kernel.


The advisory said the security hole can be exploited by a malformed TCP packet with a header length longer than 127 bytes. "By sending one malformed packet, the kernel could get stuck in a loop, consuming all of the CPU resources and rendering the machine useless, causing a denial of service," the advisory said. "This vulnerability requires no local access."

Asked if an exploit of the flaw would put data at risk, Gentoo Linux X86 Core and Kernel Team member Tim Yamin said in an e-mail, "No data would be lost as such. But if fresh data is in the kernel's buffers and not yet written to disk[s] it may be lost if the kernel does not come out of the infinite loop."

Asked if the workaround would deprive the user of valuable services, Yamin said, "The workaround only requires any tcp-option rules to be removed. This may be a disadvantage to some who need them, but this would not deny any services unless those rules perform packet forwarding to other destinations, for example. As a result, we urged all our users to upgrade to patched kernels in the GLSA, especially those who rely on tcp-option rules."
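The workaround Yamin describes can be checked for on a host with a short script. This is an added example, not code from Gentoo's advisory or this article: a shell function that scans `iptables-save` output for rules using `--tcp-option` and prints the delete command for each one. It assumes "tcp-option rules" means iptables rules that use the tcp match's `--tcp-option` flag; the function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: find iptables rules that use the tcp match's --tcp-option
# flag and print (not execute) the command that would delete each one.
# Input is iptables-save formatted text on stdin, e.g.:
#   iptables-save | find_tcp_option_rules

find_tcp_option_rules() {
    awk '
        # A line such as "*filter" opens a table section; remember its name.
        /^\*/ { table = substr($0, 2); next }

        # Appended rules that reference --tcp-option are the ones to review.
        /^-A / && /--tcp-option/ {
            rule = $0
            sub(/^-A /, "-D ", rule)   # same rule spec, as a delete
            printf "iptables -t %s %s\n", table, rule
        }
    '
}

# Constructed sample ruleset (not taken from any real host).
sample_ruleset() {
    cat <<'EOF'
# constructed sample in iptables-save format
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-option 8 -j LOG
-A FORWARD -p tcp -m tcp ! --tcp-option 2 --tcp-flags SYN,RST,ACK SYN -j DROP
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --tcp-option 4 -j MARK --set-mark 0x1
COMMIT
EOF
}

# Stand-alone run: show what would be removed from the sample ruleset.
sample_ruleset | find_tcp_option_rules
```

Rules that forward or mark traffic based on a TCP option, like the constructed `mangle` entry, are the ones whose removal changes behaviour, which is the case Yamin flags.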

Yamin said the flaw was discovered June 30. A customer then reported it to Gentoo, and the company's security team received a notification when the bug was opened. He said everything was patched by July 3.

The Linux kernel manages the core aspects of a GNU/Linux system, providing an interface for core system applications and providing the essential structure and capability to access hardware that is needed for a running system, Gentoo said.

In its advisory, Copenhagen, Denmark-based IT security firm Secunia called the flaw "moderately critical."


