July 3, 2005

Linux Kernel Subthread Exec Local Denial Of Service Vulnerability

The Linux kernel is prone to a local denial of service vulnerability. The issue manifests when a call to exec is made for a subthread that has a timer pending.
A local attacker may exploit this issue to crash the kernel effectively denying service for legitimate users.

Fedora advisory FEDORA-2005-510 for Fedora Core 4 is available to address this issue. Fixes may be installed using the Red Hat Update Agent; this can be accomplished using the 'up2date' command. Please see the referenced advisory for more information.

The vendor has released an update

Link: addict3d

Click Here!