
Fresh flaws found in latest Linux kernel

Jan 12, 2004

* Security firm warns of new flaw that could leave Linux open to attack

Just a month after the release of Version 2.6 of the Linux kernel, security experts are warning that a critical flaw in the kernel code could leave machines running “production” versions of the software vulnerable to attack.

ISEC Security Research, a Poland-based outfit, reported this month that the code for handling virtual memory in Linux kernel Version 2.6 and below is flawed. The problem lies in the “mremap” module of the Linux kernel that’s used to manage virtual memory. The flaw could allow attackers who possess only a basic-level system account to bring down a Linux system or to run malicious code on the machine, the security firm said.

According to ISEC, attackers can exploit the vulnerability by creating an invalid virtual memory area on a Linux machine. This could cause a Linux server to crash or allow attackers to execute code on the machine, such as embedding worms or using the machine as a platform for other attacks.

ISEC says the vulnerability is not overly severe, since potential attackers would need a logon name and password and either direct or LAN access to a machine. However, the group says it was able to develop test code that consistently exploits the vulnerability.

Guardian Digital and Red Hat released patches to the Linux kernel earlier this month that fix the mremap flaw. Security Web site says that a patched version of Linux Version 2.4.24 is also available. The Web site also reported that Version 2.2.x of the kernel is not affected.

This security flaw in the Linux kernel comes just a few weeks after a vulnerability was discovered in Linux kernel Version 2.4.23 in December. That flaw was used in an attack on servers run by the Debian project in November.