A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system. The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesnt properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.

Link to original article

There are no related posts to this one. Have some randomness:

• April 21, 2009 -- Kernel Log: What’s coming in 2.6.30 – Network: New Wi-Fi drivers and other network novelties (0)
• May 7, 2009 -- Novell prepping Moblin version of SUSE (0)
• November 17, 2009 -- Great Documentation Is Key to Open Source Success (0)
• April 20, 2009 -- Update: Oracle buying Sun in $7.4B deal (0)
• May 5, 2009 -- SpringSource Hyper Over Hyperic (0)