Microsoft was not the only place that would’ve made mistakes in the area of Kernel Code. Multiple Linux flaws show that it has also Kernel issue. This is a common flaw across operating systems that is difficult to catch due to the complexities of kernel code.
Dann Frazier of Debian posted to Full Disclosure today about four vulnerabilities that allow local attacks against the kernel that result in arbitrary code execution or Denial of Service conditions. The Debian Project is an association of individuals who have made common cause to create a free operating system. This operating system that they have created is called Debian GNU/Linux, or simply Debian for short. The contents of his email are posted as follows:
CVE Id(s): CVE-2007-6694 CVE-2008-0007 CVE-2008-1294 CVE-2008-1375
Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:
Cyrill Gorcunov reported a NULL pointer dereference in code specific to the CHRP PowerPC platforms. Local users could exploit this issue to achieve a Denial of Service (DoS).
Nick Piggin of SuSE discovered a number of issues in subsystems which register a fault handler for memory mapped areas. This issue can be exploited by local users to achieve a Denial of Service (DoS) and possibly execute arbitrary code.
David Peer discovered that users could escape administrator imposed cpu time limitations (RLIMIT_CPU) by setting a limit of 0.
Alexander Viro discovered a race condition in the directory notification subsystem that allows local users to cause a Denial of Service (oops) and possibly result in an escalation of privileges.
For the stable distribution (etch), this problem has been fixed in version 2.6.18.dfsg.1-18etch3. The unstable (sid) and testing distributions will be fixed soon.
We recommend that you upgrade your linux-2.6, fai-kernels, and user-mode-linux packages.
As per Nathan McFeters , a Senior Security Advisor for Ernst & Young, Some of these look to be pretty serious bugs. The two newest do not have security focus entries yet, but as far as he is aware there currently exists no public exploit code for this, which is a good thing.
Courtesy: ZDNetFiled under Enterprise Software | Tags: Debian, DOS, Kernel, Linux, RLIMIT_CPU | Comment Below