In association with heise online

11 June 2007, 11:53

Three vulnerabilities fixed in new Linux kernel

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The latest version of the Linux kernel, 2.6.21.4, fixes three vulnerabilities. A null pointer dereference in netfilter can cause the kernel to crash when processing certain connections. This bug can be triggered remotely. In addition, as a result of a bug in the cpuset_tasks_read function, users logged onto the system can read part of the kernel memory. This may allow an attacker to access protected information. Finally the kernel also harbours a bug which affects the way seeds for generating random numbers are generated where the system has no entropy source. This may result in applications which rely on random number generators being less secure.

See also:

(mba)

Print Version | Send by email | Permalink: http://h-online.com/-733031
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit