Developers have exterminated two bugs from the Linux kernel that threatened the security of people using the open-source operating system. The most serious of the two is remote denial-of-service vulnerability that made it possible for attackers to crash systems by sending them oversized packets.
The underlying null pointer dereference flaw in the Linux kernel's IPv4 defragmentation process is "basically the ping of death from the 90s, reintroduced by some code-refactoring," Linux security guru Brad Spengler of grsecurity, told The Register.

The second bug could be used by unprivileged local users to gain root access over vulnerable boxes. The vulnerability stems from a flaw in the Ext4 file system. It can be exploited by users by overwriting arbitrary files.

The link for this article located at The Register is no longer available.