ZDNet UK / News and Analysis / Security / Security Management

Multiple flaws reported in Linux

By , ZDNet.co.uk, 13 February, 2008 12:50

Daily Newsletters

Sign up to ZDNet UK's daily newsletter.

Topics

Linux, Flaw, Red Hat, SuSE, Ubuntu, Debian

NEWS

Multiple vulnerabilities have been reported in many iterations and distributions of Linux.

The flaws, as reported by Linux vulnerability researcher Jens Axboe on Wednesday, affect versions of Ubuntu, Suse, Red Hat, Mandrake, Debian and iterations of the Linux kernel up to, but not including, Linux 2.6.24.1.

The most serious flaw is a memory-access vulnerability. Rated as "high" severity (the second highest rating) by the US National Vulnerability Database, the memory-access validation flaw allows a local attacker to gain root administrator privileges via "crafted arguments in a vmsplice system call".

Exploit code for this vulnerability is available online.

Security site SecurityFocus has provided links to patches for these vulnerabilities.

Related stories

LiMo Foundation unveils mobile Linux handsets

Torvalds: Contributors' boss is not my concern

Emerging mobile tech to watch out for

Torvalds admits concerns over patents

Torvalds: Retirement won't see death of Linux

Talkback

A patch to block the main security vulnerability was issued within hours of identification. Permanent patch was issued Feb 10, before your story!
You might want to compare that to Microsoft who on average, take months to patch even serious security flaws, not to mention the hundreds of flaws in comparison to a few in Linux.

metsteve 14 February, 2008 13:18
Reply

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your ZDNet UK account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ

Get ZDNet UK's daily newsletter

Enter your email address to sign up

ZDNet UK Live

ju1ce

new to dropbox? sign up here and we both get a 500mb bonus! http://db.tt/aM4pWbT

5 hours ago by ju1ce on Secure2Share: securing your Dropbox
Random_Error

The only way a touch monitor would be any good is if it were horizontal on the desk, with a virtual keyboard so you could do away with that as well...

6 hours ago by Random_Error on Windows 8 could speed multi-monitor uptake
JBDragon

This is just dumb! Forget that I think Windows 8 will bomb, but really, people are going to go out and buy touch Monitors now??? Just pretend...

7 hours ago by JBDragon on Windows 8 could speed multi-monitor uptake
Jake Rayson

@Andy Bolstridge > Unfortunately, we need the majority to work 9-5 And therein lies the lie. I work very hard indeed for my idleness, early starts...

8 hours ago by Jake Rayson on The Idle Self-employed
Burn-IT

What happens when one hosting platform "acquires data" from another? If I forced the first one to remove it, who is responsible for chasing the...

14 hours ago by Burn-IT on Google picks holes in EU's 'right to be forgotten'
JohnTalich

iSpring Pro is a nice tool, that allows PowerPoint to SCORM conversion. They also have free tool, that also generates SCORM compliant courses.

18 hours ago by JohnTalich on How To Convert PowerPoint To SCORM Compliant Course
aaron.sloman

I think the answer to the question requires a deeper analysis of where the income can come from who else is now competing for it, who else will be...

1 day ago by aaron.sloman on The three big questions about Facebook's IPO
Brent Pieczynski

Your correctness about Government websites not being compliant with their own websites is correct. Most criticism of other people takes so many...

1 day ago by Brent Pieczynski on Privacy watchdog to chase big companies over cookie law
Kelvyn Taylor

802.11ac does promise some tricks to improve range & reliability, but not sure how these will work in practice until I get real products to play...

1 day ago by Kelvyn Taylor via Facebook on Next-generation 802.11ac routers
mrudang009

My wife and I love our new Kindle Fire. It's lightweight, easy to use and has a great interface. The first thing I recommend anyone with a new...

1 day ago by mrudang009 on Waterstones to sell Kindles with in-store offers
mrudang009

It basically unlocks all the Android marketplace apps and unlocks the device. I am one very happy Kindle owner!

1 day ago by mrudang009 on Waterstones to sell Kindles with in-store offers
Burn-IT

Skittles with tapes and coffee cups. Old tapes so we didn't have to rewind them afterwards.

1 day ago by Burn-IT on Ten IT jobs to save up for those rare lulls
Fraud_fighter

What is mildly amusing to me is when someone thinks a strong password is as strong as one may need, when the truth is usernames and passwords are...

1 day ago by Fraud_fighter on Passwords are here to stay: get used to it
Andy Bolstridge

Performance isn't really the big thing at the moment - not when my ADSL connection will only provide a 8mbps bottleneck to the 3.5gbps speeds these...

1 day ago by Andy Bolstridge via Facebook on Next-generation 802.11ac routers
pjc158

So when is Amazon buying Waterstones?

2 days ago by pjc158 on Waterstones to sell Kindles with in-store offers
J.A. Watson

@JoshArg - Well, I am writing this from my N150 Plus, running Ubuntu 12.04 and using a Bluetooth mouse (well, to be totally correct it is a...

2 days ago by J.A. Watson on Samsung N150 Plus Netbook - Ubuntu Netbook Edition 10.04
J.A. Watson

@duncanjmurray - At least n the case of the specific system I put the SSD into, it is not the case. The boot time improvement is substantial, but...

2 days ago by J.A. Watson on Netbook Upgrade - SSD IN, Windows OUT
archerthom

Sounds like only those who have bought their Kindle from Waterstones will be able to use them in-store - very disappointing. I have no intention...

2 days ago by archerthom on Waterstones to sell Kindles with in-store offers
AndyPagin

From my mainframe operating days... 1) Play hoopla with write permit rings & a can of screen cleaner. 2) Make enormous paper chains (Christmas...

2 days ago by AndyPagin on Ten IT jobs to save up for those rare lulls
61253

An OS X perspective Filenames beginning with a dot/period (.) should not be equated with HFS Plus resource forks; misunderstandings around ._ (dot...

2 days ago by 61253 on SharePoint deployment: Pitfalls of a pioneer

Latest in Security Management

NHS patients' health data to be anonymised and shared

Apple releases Flashback tool for Mac OS X 10.5

IPv6 security: What you need to know

Featured white papers

CIO challenges: Bringing your iPad to work

Aruba Networks

CIO challenges: Bringing your iPad to work

The arrival of personal technology in the office is a challenge for all organisations, but how can it be adapted securely for corporate... Read more

Hacktivism: Threats and reality for IT managers

ZDNet UK

Hacktivism: Threats and reality for IT managers

As high-profile breaches involving consumer data become the norm, this guide looks at where hacking is heading and what individuals can do to protect against possible attacks, from securing data to creating more secure email... Read more

How to defend mobile applications

HP

How to defend mobile applications

Your customers can now perform sensitive transactions anywhere, and mobile apps, devices and data can be more easily attacked. How can you defend against mobile... Read more

Inside ZDNet UK

Asus Transformer Pad TF300T

Asus Transformer Pad TF300T

Passwords are here to stay: get used to it

Passwords are here to stay: get used to it

How to gain total message system visibility

How to gain total message system visibility

HTC One V: First take

HTC One V: First take

SharePoint deployment: The final chapter

SharePoint deployment: The final chapter

Ten IT jobs to save up for those rare lulls

Ten IT jobs to save up for those rare lulls

How fast is your broadband?

How fast is your broadband?