Linux.com

Home News Software Linux Kernel Development Local Root Vulnerability in the Kernel

Local Root Vulnerability in the Kernel

Commit b0a873ebb, merged for the 2.6.37 kernel, included an out of bounds reference bug that went undetected until Tommi Rantala discovered it with the Trinity fuzzing tool this April. It wasn't seen as a security bug by the kernel developers until an exploitwas posted; the problem is now known as CVE-2013-2094. Mainline kernels 2.6.37-3.9 are vulnerable, but Red Hat also backported the bug into the 2.6.32-based kernel found in RHEL6. Expect distributor updates shortly.

Read more at LWN
 

Comments

Subscribe to Comments Feed

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board