Brad Spengler released the Linux exploit's source code last week, indicating that it exploits a vulnerability in at least two Linux versions - 2.6.30 and 2.6.18, both 32-bit and 64-bit.
The scary part of this flaw is that it gets around a null pointer protection in the mainline Linux kernel, so if successfully exploited, the attacker could gain root access. Game over.
Red Hat Enterprise Linux 5 uses on of the vulnerable versions - 2.6.18.
According to Spengler, the workaround would be for Linux admins to compile the kernel with fno-delete-null-pointer-checks.
SANS has more.
No comments:
Post a Comment
Please tell me what you think.