Linux kernel vulnerabilities closed

    Date10 Dec 2009
    2965
    Posted ByAlex
    Several Linux distributors are releasing updated kernel packages to close security holes in the kernel. For instance, very large packets can reportedly be used to remotely provoke a flaw in the TCP/IPv4 stack's ip_defrag() (net/ipv4/ip_fragment.c) function. This can potentially cause null-pointer dereferencing and crash a system. Whether the flaw can also be exploited to execute code at kernel level by users that are logged into a system at restricted privilege level, which was the case with several previous null-pointer dereferencing bugs, is not mentioned in the distributors' and kernel developers' descriptions. The flaw was discovered in Linux kernel 2.6.32-rc8 and has been fixed in the final version.

    In addition, the new kernel packages fix a vulnerability in the Ext4 file system code. It appears access privileges are not sufficiently checked when the "move extents" I/O control is called. According to the Ubuntu developers, an attacker (who is logged into a system) can exploit this to overwrite arbitrary data on the system. According to Ubuntu, this can not only cripple a system, but it potentially also allows attackers to specifically manipulate a system in order to obtain root access. The Ext4 file system is installed by default under Ubuntu 9.10, openSUSE 11.2 and Fedora. The commercial Linux systems by Red Hat and Novell, however, still use Ext3 and should be unaffected. Not all the distributors have already released new packages to close the Ext4 hole, but they will probably do so shortly.

    You are not authorised to post comments.

    LinuxSecurity Poll

    What is your favorite LinuxSecurity.com feature?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    17
    radio
    [{"id":"65","title":"Feature articles","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"66","title":"News","votes":"1","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"67","title":"HOWTOs","votes":"2","type":"x","order":"3","pct":66.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.