Personal Website of Yakov Shafranovich » Blog Archive » Two New Security Holes in the Linux Kernel

« Maryland’s Anti-Spam Law Nuked Wifi on the Treo »

Two New Security Holes in the Linux Kernel

Posted December 14, 2004 – 7:16 pm by Yakov Shafranovich in Linux

Paul Starzetz of iSEC has discovered two new security holes in the Linux kernel. The first hole, a flaw in the kernel implementation of IGMP (multicasting) allows “unprivileged local users” to “gain elevated (root) privileges” and “remote users to hang or even crash a vulnerable Linux machine”. The second flaw, in the socket layer API, may allow “unprivileged local users to hang a vulnerable Linux machine”. Full details INCLUDING exploit source code are available at iSEC’s website. No patches as of now available. At least one of these has already been fixed.

Tags: security —

Permalink | Trackback URL | This post has

Sorry, comments for this entry are closed at this time.

Advertisements
Support This Site

Do you like this site? Please drop some money into the tip jar and buy me an ice cream:
Chitika Ads
Categories
- Linux (24)
- Mobile (5)
- Personal (60)
- Politics (30)
- Programming (71)
- Projects (50)
- Spam and Email (105)
- Standards (14)
- Technology (106)
- Website (51)
Tags
ajax aol asrg blogging bloglines bug business comment spam dhtml dkim domainkeys email authentication Family firefox google ie ietf ipr java javascript judaism law Linux marid microsoft mime movable type mozilla open source opera patents press privacy publicdomainreprints rss security senderid sitefinder spam spf sprintpcs track2rss verisign windows yahoo
Recent Posts
Recent Comments
Top Posts for the Past Year
Archives
My Flickr Photos

By Blogates.com
My del.icio.us Bookmarks
My Blogroll

Bloglines Subscriptions
Security
Bruce Schneier
SANS Internet Storm Center, InfoCON: green
US-CERT
Friends
OperaWatch (Daniel Goldman)
Tech Policy (John Levine)
Commentary: Business
Seth's Blog
Commentary: Jewish
RabbiHorowitz.com Latest Articles
Tradition Seforim Blog
Commentary: News
Commentary: Technology
Adaptive Path Essays
Ajaxian » Front Page
CircleID
Cringely
GrokLaw
The Insider
Joel on Software
PhoneNews.com
Rough Type: Nicholas Carr's Blog
Scripting News
TechCrunch
TechCrunchIT
TreoCentral
News: Technology
Slashdot
Wired News
News: General
DrudgeReport.com RSS Feed (beta)
Blog Reactions
- Opera Watch September 2, 2008
- Tour De France July 5, 2008
- Open Directory - Computers: Internet: Web Design and Development: Weblogs July 3, 2008
- AOL switching to ARF only June 27, 2008
- Personal Website of Yakov Shafranovich May 2, 2008
- Software (Ad)Venturing April 30, 2008
- Software (Ad)Venturing April 30, 2008
- La Feuille April 1, 2008
- POD: Why it’s a good thing March 31, 2008
- BookChaser Editions Lookup March 28, 2008
Statistics
- Total Stats
- - 1 Authors
  - 424 Posts
  - 22 Pages
  - 317 Comments
  - 192 Comment Posters
  - 40 Links
- My Blog Statistics
Akismet Stats

42,855 spam comments

blocked by
Akismet
Meta
More Meta

Enter your email address:
Delivered by FeedBurner

View My Stats
Hosting By:

Stats by:
StatCounter
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 License.