Linked by Jordan Spencer Cunningham on Fri 14th Aug 2009 02:29 UTC
Linux It's the end of the world. Again. According to some Linux developers and security researchers, a bug in the Linux kernel has just been uncovered that makes just about every distribution utilizing kernel 2.4 and 2.6 on just about all architectures since May of 2001 vulnerable to a certain kind of attack.
Thread beginning with comment 378506
To view parent comment, click here.
To read all comments associated with this story, please click here.
sakeniwefu
Member since:
2008-02-26

No, he isn't.
SELinux does disable that for its own secret reasons.
Anyways what strikes me is that nobody noticed before. Trying to allocate the 0th page sounds like something that would happen often(in buggy code) and that would sound many alarms if successful. Especially as we know it would fail on some systems.
All the exploit is a bit unbelievable but that particular point is amazing.

Reply Parent Score: 3

Bill Shooter of Bul Member since:
2006-07-14

Yeah, its useful for embedded systems somehow. So that's why its not an automatic crash in Linux. I remember this issue coming up a while ago, but not the specific reason why.

Reply Parent Score: 2