Linux security exploit found
Old 15-06-2004, 18:38   #1
Paul K

News item
This was reported yesterday but I missed it
Quote:
Originally Posted by eweek
A Linux bug was recently uncovered by a young Norwegian programmer that, when exploited by a simple C program, could crash most Linux 2.4 or 2.6 distributions running on an x86 architecture.

"Using this exploit to crash Linux systems requires the (ab)user to have shell access or other means of uploading and running the program - like cgi-bin and FTP access," reports the discoverer, Øyvind Sæther.

"The program works on any normal user account, and root access is not required," Sæther reported. "This exploit has been reported used to take down several 'lame free-shell providers' servers. [Running code you know will damage a system intentionally and hacking in general] is illegal in most parts of the world and strongly discouraged."

Along with the code needed to use the exploit, Sæther also posted several patches to 2.4 and 2.6 kernels that will keep the exploit from crashing systems.

Several security problems have been uncovered in Linux over the past year. The most serious was uncovered in February by the Polish security nonprofit organization iSEC Security Research.

The biggest of these security holes, called "Linux kernel do_mremap VMA limit local privilege escalation vulnerability" by iSEC, could have enabled a cracker to achieve full super-user and full administration privileges. In each case, fixes were quickly delivered by the Linux open-source community.

This latest security hole, however, can be used to crash a system, but it doesn't give an attacker any other control of a Linux system.

Technically, the problem exists because the Linux kernel's signal handler isn't handling floating-point (FP) exceptions correctly. Linux's creator, Linus Torvalds, said, "There's a path into the kernel where if there is a pending FP error, the kernel will end up taking an FP exception, and it will continue to take the FP exception forever. Duh."

Torvalds already has the problem well in hand, he said. "I fixed it in my [source code] tree a few days ago, so it's in the current snapshots, and if I wasn't in the middle of a move [to Portland, Ore.] I'd have released a 2.6.7 already. As it is, I'll hopefully have it done by tomorrow [June 15]."


Eric Raymond, president of the Open Source Initiative, added, "It isn't a big deal. This one can be trivially fixed. This fixable kernel crasher doesn't cause any new problems."
Old 15-06-2004, 20:03   #2
greencreeper

It shows the benefits of open source software.
Old 15-06-2004, 20:09   #3
Paul K

It also shows that it's not just Microsoft that has to learn to write software properly
Old 16-06-2004, 09:05   #4
philip.j.fry

Quote:
Originally Posted by Paul
It also shows that it's not just Microsoft that has to learn to write software properly
It's near impossible to write code on that kind of scale without some kind of error. I'd better get patched up later.
Old 16-06-2004, 15:39   #5
greencreeper

It's not how well written the code is that's at issue - like Phil(ip) says, you can't write code on the scale of an OS without introducing errors, especially if you're human. The issue is how quickly those errors are discovered, who discovers them, and how quickly they are patched. We've no idea what errors exist in Microsoft products because we cannot see the code, and we're at their mercy to provide patches, which in the past have had errors in them... In the example Paul posted, the person discovering the error fixed the error. That doesn't happen with Microsoft - it's much more likely that the person will develop a virus or other malware to exploit the error. You'll notice that Microsoft responds more quickly to an error that has a known exploit than to one that doesn't - even its rating system supports the idea that an error without exploit isn't important.

I'm pro-open source. I understand the concerns of business and the support issues, but it just seems an altogether better way of producing software.
Old 17-06-2004, 14:09   #6
zovat

Bear in mind that there is a piece of code out there that compiles to something like a 4 byte command that will crash any Intel processor - regardless of OS being run....

There is always something to fix in any code - that includes the processor code...