CLICK HERE FOR BLOGGER TEMPLATES AND MYSPACE LAYOUTS »

Saturday, August 15, 2009

Critical Linux Kernel Bug Found

The Register reports of a flaw in the Linux kernel which affects all builds since 2001. The flaw is a result of unimplemented socket functions that are left uninitialised so that malicious code can be injected at these locations to call functions that run under root privilege. The flaw sounds relatively simple to exploit. It also sounds like it would be relatively easy to fix too, just initialise the pointers to a valid but non-operational function for the calls that are not implemented.

0 comments: