Bug in latest Linux gives untrusted users root access
A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.
The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.
Read the complete article at The Register. New kernels are available for Redhat and CentOS (obviously), and likely others who may be affected.
» cPanel Servers in Europe: Strasbourg (FR), Haarlem & Amsterdam (NL) & Kent (UK), USA (Los Angeles, St.Louis), Asia (Singapore) | Follow us at Twitter: @040hosting
» Shared | Reseller | (managed) Dedicated Hosting | Domain Registrar | SSL Registrar | Cloudlinux Partner| 040Hosting (Registered company #17093425 KVK Eindhoven, The Netherlands)