All versions of the Linux kernel up to version 2.6.24.1 have three bugs which could led to unauthorized access to kernel memory. Linux distribution like Ubuntu, Turbolinux, SuSE, Red Hat, Mandriva, Debian are affected. Researchers discovered the three security flaws after the exploits were released on the hacker site milw0rm.com.
The vulnerabilities are "within three functions in the system call fs/splice.c", according with InfoWorld's article. Hackers could exploit those security holes causing denial of service attacks or even getting root access. Furthermore unauthorized users can use the bugs to read or write to kernel memory locations or to access certain resources in certain servers.
The hack can be avoided by updating the kernels immediately. Linux was constantly appreciated for its strong security, but it seems few have tried to exploit its vulnerabilities. Perhaps all OS have this sort of problems, but some were more affected by attacks - for example Windows.
Comment Preview