In association with heise online

19 May 2008, 15:41

Kernel log: the latest Linux versions provide better security and patch flaws


Recently kernel developers have published a slew of new Linux kernels. Released in the second week of May, versions 2.6.24.7 and 2.6.25.2 patch a security hole archived as CVE-2008-1669. Kernel 2.4.36.4, released at the same time, also patches that hole in addition to the security vulnerabilities corrected in 2.6.24.6 and 2.6.25.1.

The 2.6.25 series continues its rapid progression with the releases of 2.6.25.3 and 2.6.25.4, the latter published only yesterday. These releases remedy numerous flaws in various parts of the kernel and the drivers it contains, and also patch security vulnerabilities. In versions up to Linux 2.6.25.3, users can change the access and modification times of arbitrary files because the system call sys_utimensat() does not verify file permissions. Denial-of-service attacks are also possible by means of manipulated IPv6 packets: the function ipip6_rcv() in the IPv6-over-IPv4 tunnel driver (SIT) contains a memory leak that can be exploited to exhaust all of the system's memory.

The kernel developers advise all users to switch to the latest kernel versions. Those who do not run a kernel they compiled themselves from kernel.org sources should, however, not follow this advice directly, but rather look for updates from their distributor; many distributors have already released new kernel versions to remedy the recently published security flaws.

The developers of 2.6.26 are also making progress. Since the release of 2.6.25, Torvalds has made 8135 commits in the main development branch and even released the second beta version of 2.6.26 a few days ago. It remedies a number of performance problems found in 2.6.26-rc1 because Torvalds has revised a number of the changes made several kernel versions ago to the Big Kernel Lock (BKL) code. The BKL is now once again implemented via a spin lock instead of a semaphore; the configuration option PREEMPT_BKL therefore had to go. As a result of this change and the discussions surrounding it on the Linux Kernel Mailing List (LKML), Ingo Molnar has announced a developer branch to work towards the removal of the performance-critical BKL. Torvalds welcomed the idea. But kernel hackers still have a lot of development work to do before this project is finished.

Kernel log in brief:

  • With 2.6.26-rc2-mm1, Andrew Morton has released the first mm kernel based on linux-next.
  • The Hplip Project has published version 2.8.5 of the drivers for HP printers and multifunctional devices. For the first time, they support a number of recent DeskJet printers, various (colour) LaserJets, and an additional PhotoSmart.
  • VIA has finally taken action after its announcement that it would be working more intensively with open source developers. At LKML, it presented a frame buffer driver for review.
  • Neil Brown has released version 2.6.5 of mdadm.
  • Originally expected in X Server 1.5 with X.org 7.4, MPX support for multiple pointers (mice, touch screens, and later graphics tablets) will soon appear in the developer branch of X Server.
  • Lirc developers have released version 0.8.3.

(trk)

Permalink: http://h-online.com/-735237
 

