Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 Linux 2.4 Kernel do_brk() Input Validation Flaw Lets Local Users Grab Root Privileges
Categorie: Vulnerability
Posted: 2003-12-04 by ReCall
Views: 414
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
Description: An input validation vulnerability was reported in the Linux 2.4 kernel. A local user can gain root level privileges.

It is reported that the do_brk() function does not perform proper bounds checking. A local user can run a userland application to cause the kernel to grant the local user access to the full kernel address space. The userland application can create an arbitrary and large virtual memory area, exceeding user accessible memory limits (TASK_SIZE).

Red Hat reports that an exploit for this flaw has been found in the wild.

Impact: A local user can gain root privileges.

Solution: A fixed kernel version (2.4.23) is available.

 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=578

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES