Linux co-developer warns of serious flaw

by Robert Jaques

21 Mar 2003

A developer who helped write the original Linux kernel is warning of a flaw in some versions of the operating system that could allow a malicious local user to gain root control of a Linux computer.

Linux expert Alan Cox, who worked with Linus Torvalds on building the open source operating system's original kernel, posted the warning about the 'ptrace' debugging tool on a Linux developers' mailing list here.

Cox explained that the vulnerability could not be exploited remotely. "The Linux 2.2 and 2.4 kernels have a flaw in ptrace," he said.

"This hole allows local users to obtain full privileges. Remote exploitation of this hole is not possible. Linux 2.5 is not believed to be vulnerable.

"Linux 2.2.25 has been released to correct Linux 2.2. It contains no other changes.

"The bug fixes that would have been in 2.2.5pre1 will now appear in 2.2.26pre1. The patch will apply directly to most older 2.2 releases."

Linux company Red Hat has posted a patch for Red Hat 7.1, 7.2, 7.3, and 8.0 here.

Get the latest news, views and technology updates in a weekly round up of the Penguin's unstoppable march by signing up to vnunet.com's FREE Linux newsletter here.

Topics:
Operating Systems

Do you agree?

Add your comment

Your name:
Your email address:	We won't publish your address
Your comment title:
Your comment:	By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.

Submit your comment

IT priorities for 2012

What is the most important IT priority for your company this year?

Reduce costs and do more with less

99%

Take advantage of the latest technologies like social media and cloud

Improve security

Consolidate applications or systems

Gain a competitive advantage through funding new IT projects

Features

World-changing CERN experiments highlight humanity’s intrinsic curiosity

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

World indulges in a Facebook facts fest as firm prepares to float

Top five most interesting figures from Facebook’s IPO

More features

HP Envy 14 Spectre ultrabook video demo

Sneak peek at the forthcoming glass-based machine

Sign up to our daily or weekly newsletters

Follow @V3_co_uk

Case studies and reports

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Assistant Director - IT Infrastructure - London

Assistant Director - Infrastructure - London - required...

Online Designer

A well established homeware brand is looking for an experienced...

Java Engineer, Real-Time Media, Agile, TDD

Join a team that is revolutionising the way media is...

Linux Server Support Analyst - Bristol/Bath

Linux Server Support Analyst - Bristol/Bath £20,000 plus...

White paper library
Latest white papers

Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.

More white papers

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

About us:

Business & technology web sites:

Blogs & community:

Reviews:

Software downloads:

Tools & resources:

Accreditation:

Digital Publisher of the Year 2010

Friend's email address	To send to more than one email address, simply separate each address with a comma.
Your email address
Message

Linux co-developer warns of serious flaw

Get the latest operating systems headlines direct to your inbox

Sign up to our daily or weekly newsletters