In association with heise online

28 September 2007, 13:53

Vulnerability in Linux kernel allows for privilege escalation

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

An exploit has been released that allows attackers to escalate their privileges via a vulnerability that was closed in versions and of the Linux kernel. However, an attacker does require access with restricted rights to a system running on a 64-bit version of the Linux kernel.

The problem results from failure to adequately check a number of processor registers in the code for IA32 system call emulation. According to the security advisory, it is then possible to manipulate the content of the %RAX register to access areas outside the system call table and launch arbitrary code in the context of the kernel. Some Linux distributors are supplying kernel packages with this flaw already remedied.

Such local-root holes must be taken seriously, as repeated break-ins to multi-user systems demonstrate. For instance, last summer a Debian developer server was manipulated when a restricted user exploited a vulnerability to get root rights via core dumps.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit