iDEFENSE Reports Security Flaw in Linux Kernel

    Date19 Apr 2004
    3912
    Posted ByAnthony Pell
    US-based iDEFENSE is a provider of security intelligence to governments and Fortune 500 companies. According to the advisory, the vulnerabilities affect Linux Kernel 2.6.x, 2.5.x and 2.4.x respectively. The Linux kernel performs no length checking on symbolic links stored on an ISO9660 file system, allowing a malformed CD to perform an arbitrary length overflow in kernel memory. . . . iDEFENSE has issued a warning regarding a buffer overflow vulnerability that exists in the Linux kernel, which can be exploited to lead to privilege escalation attacks.

    US-based iDEFENSE is a provider of security intelligence to governments and Fortune 500 companies. According to the advisory, the vulnerabilities affect Linux Kernel 2.6.x, 2.5.x and 2.4.x respectively. The Linux kernel performs no length checking on symbolic links stored on an ISO9660 file system, allowing a malformed CD to perform an arbitrary length overflow in kernel memory.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"4","type":"x","order":"1","pct":44.44,"resources":[]},{"id":"56","title":"No","votes":"5","type":"x","order":"2","pct":55.56,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.