Skip to main content

Linux Kernel 2.2 Local Root Vulnerability Published

posted onMarch 28, 2001
by hitbsecnews

Saw this over at SNN

A vulnerability has been discovered in all versions of the Linux 2.2 kernel up to and including 2.2.18. The vulnerability is caused by a kernel race condition involving the ptrace and execve functions. The vulnerability allows a non-privileged user to gain root access on an affected system by executing any setuid root binary. An attacker must have shell access on the target machine to use the published exploit. In the tradition of Linux kernel security vulnerabilities, this bug can be exploited with relative ease and yields complete ownership of the target machine. If you have a Linux system running a 2.2 kernel, now is the time to upgrade.

BUGTRAQ post

Source

Tags

Red Hat

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th