Researcher releases exploit codes for Linux kernel 2.6 flaws

By on

A researcher has released exploit codes for newly discovered Linux kernel 2.6 flaws which could permit attackers to gain root-system privileges they can use to steal data or mount denials of service on Linux-based systems.

Calling himself “qaaz,” the researcher on Saturday posted on the MilwOrm.com site two exploits labeled “Linux kernel 2.6.17 – 2.6.24.1 vmsplice Local Root Exploit” and "Linux kernel 2.6.23 – 2.6.24 vmsplice Local Root Exploit.”

However, the Linux flaws – system call vulnerabilities which have been labelled a “moderate risk” by FrSIRT, theFrench security response team,  and “less critical” by Danish vulnerability clearinghouse Secunia – apparently already have been fixed in newer versions of Linux kernel 2.6, researchers said. Secunia also said in its advisory that the Linux flaws can only be exploited from local systems.

Researchers cautioned that although the new vulnerabilities apparently cannot be exploited remotely, the potential for a root-level exploit offered by the kernel flaws may give attackers access to sensitive data on servers running the flawed version of Linux.

Multiple vulnerabilities were discovered late last week by Wojciech Purczynskiof of iSEC Security Research in “vmsplice” functions in the kernel 2.6 operating system that are not being properly verified before being used to perform memory operations — rendering them vulnerable to exploits that bypass security restrictions and enable attackers to obtain elevated privileges.

According to Secunia, the vulnerabilities first appeared in Linux kernal version 2.6.17.

“These issues are caused by errors in the “vmsplice_to_user(),” “copy_from_user_mmap_sem(),” and “get_iovec_page_array(),” [fs/splice.c] functions that do not validate user-supplied data before being used, which could be exploited by malicious users to read or write arbitrary memory data, and execute malicious code with elevated privileges,” FrSIRT said, in a warning posted on Monday.

FrSirt said the kernel vulnerabilities could be exploited by “malicious local users” to cause a denial of service or to disclose sensitive data, and recommended that Linux users upgrade to kernel versions 2.6.23.16 or 2.6.24.2, which do not have the flaws.

See original article on scmagazineus.com
Copyright © SC Magazine, US edition
Tags:
linux exploit linux exploit for kernel linux security security

Most Read Articles

Number of homes in NBN limbo balloons

Number of homes in NBN limbo balloons
Human Services casts doubt on Watson

Human Services casts doubt on Watson
ANZ Bank looks to DIY tech under Maile Carnegie

ANZ Bank looks to DIY tech under Maile Carnegie
Australian SKA telescope finds ancient radio signal

Australian SKA telescope finds ancient radio signal
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Growing companies have a growing interest in technology
Growing companies have a growing interest in technology
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
Building platforms for future health and education
Building platforms for future health and education
Breach Level Index Report
Breach Level Index Report
Data Security vs Human Behaviour
Data Security vs Human Behaviour

Events

Log In

Username:
Password:
|  Forgot your password?