[ossig] Multiple flaws reported in Linux : News : Security - ZDNet Asia
NP Lee
nplee at tm.net.my
Fri Feb 15 08:22:35 MYT 2008
Multiple flaws reported in Linux
By Tom Espiner
<mailto:zdnews-asia at cnet.com&Subject=Feedback%20on%20%27Multiple%20flaws%20reported%20in%20Linux%27>,
ZDNet UK
Thursday, February 14, 2008 08:56 AM
*Multiple vulnerabilities have been reported in many iterations and
distributions of Linux.*
The flaws, as reported by Linux vulnerability researcher Jens Axboe on
Wednesday, affect versions of Ubuntu, Suse, Red Hat, Mandrake, Debian
and iterations of the Linux kernel up to, but not including, Linux 2.6.24.1.
The most serious flaw is a memory-access vulnerability. Rated as "high"
severity (the second highest rating) by the U.S. National Vulnerability
Database <http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0600>, the
memory-access validation flaw allows a local attacker to gain root
administrator privileges via "crafted arguments in a vmsplice system call".
Exploit code for this vulnerability is available online.
Security site SecurityFocus has provided links to patches
<http://www.securityfocus.com/bid/27704/solution> for these vulnerabilities.
http://www.zdnetasia.com/news/security/0,39044215,62037780,00.htm?scid=nl_z_ntnd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mncc.com.my/pipermail/ossig_mncc.com.my/attachments/20080215/eb4f959c/attachment.html
More information about the ossig
mailing list