The Linux developers have released kernel versions 2.6.27.30 and 2.6.30.5 which fix a critical vulnerability revealed last week. The vulnerability, which is found in all 2.4 and 2.6 series Linux kernels since 2001 and for which there is already an exploit, allows users with restricted privileges to obtain root privileges. The developers urgently recommend users update to the new versions.
Debian has already released updated kernels for the current Debian 5.0 (Lenny) and its predecessor Debian 4.0 (Etch), as has Fedora for Fedora 10 and 11. Users of these distributions can install the fixes using the package management update mechanism. Updated kernels for Ubuntu and openSUSE are not yet available.
The link for this article located at H Security is no longer available.
