Security holes in Linux kernel

By SearchSecurity.com Staff 21 Mar 2005 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Attackers could exploit security holes in the Linux kernel to cause a denial of service, corrupt memory and launch malicious code. But users can update to a newer version in which the flaws are fixed.

Danish security firm Secunia described three "moderately critical" vulnerabilities in an advisory:

• An error in ROSE due to missing verification of the ndigis argument of new routes;
• A user with permission to access a SCSI tape device can send certain commands that could render the device unusable for other users; and
• Unspecified glitches in the ISO9660 file system handler, including the Rock Ridge and Juliet extensions, could be exploited by a specially crafted file system to cause a denial of service or memory corruption, which could then allow the attacker to launch malicious code.

Related information Time to turn Linux enthusiasts into evangelists Mainstream means more malicious code for Linux

Secunia said these issues specifically affect Linux Kernel 2.6 and that the vulnerabilities are fixed in version 2.6.12-rc1.

More information is available at Kernel.org.

Tags: Alternative OS security: Mac, Linux, Unix, etc.,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Alternative OS security: Mac, Linux, Unix, etc. Is New Google Chromium OS a Security Game-Changer? What are the Mac OS X Snow Leopard antivirus features? Machiavelli Mac OS X rootkit unveiled at Black Hat How secure is 'Platform as a Service (PaaS)?' Security comparison: Mac OS X vs. Windows Mac OS memory flaws pose challenges for enterprise endpoint protection Rootkit Hunter demo: Detect and remove Linux rootkits Oracle to buy Sun Microsystems for $7.4 billion How to harden Linux operating systems Serious holes in Mac OS X memory, researcher shows Alternative OS security: Mac, Linux, Unix, etc. Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary trusted computing  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary