Linux kernel has multiple flaws

Linux kernel has multiple flaws

offline
  • SVITAC 
  • Legendarni građanin
  • Pridružio: 28 Apr 2003
  • Poruke: 5919
  • Gde živiš: Beograd

By Bill Brenner, News Writer
22 Jul 2004 | SearchSecurity.com

Users are advised to update their systems against multiple denial-of-service and permission vulnerabilities in the Linux kernel that could be exploited by an attacker. Gentoo said the flaws are "high impact."

"The set of vulnerabilities ranges from DOS issues to overflows which can possibly be used to read kernel memory," Gentoo Linux X86 Core and Kernel Team member Tim Yamin said in an e-mail. "My main advice is to keep one's kernel secure and updated to avoid security bugs."

Gentoo's advisory said, "The Linux kernel allows a local attacker to mount a remote file system on a vulnerable Linux host and modify files' group IDs. Also, a flaw in the handling of /proc attributes has been found in 2.6 series kernels; allowing the unauthorized modification of /proc entries, especially those which rely solely on file permissions for security to vital kernel parameters."

Yamin said tainted group IDs can open the door for a denial-of-service attack. "By exploiting this vulnerability, users in the original file group would also be blocked from accessing the changed files," he said.

The advisory addresses other problems: One in the vserver Linux sources in which /proc related changes in one virtual context are applied to other contexts as well, including the host system; vulnerabilities in 2.6 series Linux kernels older than 2.6.7 found by the Sparse source code checking tool; and fixes for a local denial-of-service vulnerability that can cause unknown behavior and a floating point information leak on IA64 platforms in which registers of other processes can be read by a local user.

"The /proc attribute vulnerability allows local users with previously no permissions to certain /proc entries to exploit the vulnerability and then gain, read, write and execute access to entries," the advisory said. "These new privileges can be used to cause unknown behavior ranging from reduced system performance to a denial of service by manipulating various kernel options which are usually reserved for the superuser."

The flaw could also be used to open restrictions set through /proc entries, allowing further attacks to take place through another possibly unexpected attack vector, Gentoo said.

All 2.6 users are affected by the /proc attribute issue and the only known workaround is to disable /proc support, the advisory said. It added that the vserver flaw applies only to vserver sources, and no workaround is currently available.

"As a result, all users affected by any of these vulnerabilities should upgrade their kernels to ensure the integrity of their systems," Gentoo said.

The Linux kernel manages the core aspects of a GNU/Linux system, providing an interface for core system applications and the essential structure and capability to access hardware needed for a running system.



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
Ko je trenutno na forumu
 

Ukupno su 946 korisnika na forumu :: 29 registrovanih, 6 sakrivenih i 911 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., amaterSRB, Belac91, bestguarder, bojan_t, Bubimir, ccoogg123, darkangel, Goran 0000, jackreacher011011, Jakov01, Kubovac, kybonacci, ladro, ljuba, Milometer, milutin134, nebkv, nemkea71, pedja.st, Povratak1912, powSrb, Ripanjac, sosko, ss10, Trpe Grozni, vukdra, zastavnik, zbazin