Language Selection

English French German Italian Portuguese Spanish

Quick Fix in Linux Kernel

Filed under
Linux

Just days after the much-anticipated Linux 2.6.12 kernel was officially released, an update has been issued to fix two security vulnerabilities.

Linux kernel developer Chris Wright announced the 2.6.12.1 security fix release late Wednesday.

One of the issues carries the CVE designation CAN-2005-1761 and was titled, "ia64 ptrace + sigrestore_context" in the Changelog for 2.6.12.1. According to Danish Research firm Secunia, the impact of this vulnerability is unknown.

The other fix is for an issue that is somewhat more dangerous and could lead to a Denial-of-Service (define) attack by a malicious user. The 2.6.12.1 changelog refers to the patch as "Clean up subthread exec" and refers to the CVE designation CAN-2005-1913.

An error had existed in the 2.6.12 kernel in the delivery of signals with a sub-thread "exec" on a pending timer.

"If subthread exec's with timer pending, signal is delivered to old group-leader and can panic kernel," the 2.6.12.1 changelog noted.

Causing a kernel to "panic" is a serious condition that in many cases causes a Linux system to shut down. According to security firm Secunia, the subthreat exec kernel panic issue could have been exploited by malicious, local users to cause a DoS attack.

The overall effect of the 2.6.12 flaws, however, is not likely to have a significant impact on Linux users. The 2.6.12 kernel was only officially released last Friday by Linux creator Linus Torvalds and has not made its way - yet -- into many Linux distributions.

The 2.6.12 Linux kernel introduces a number of new innovations to Linux including native support for Xen as well as SELinux.

Source.

More in Tux Machines

LibreELEC (Krypton) v8.2.1 MR

LibreELEC 8.2.1 is a maintenance release that includes Kodi 17.6. It also resolves a minor time-zone issue after recent daylight saving changes, a resume from suspend issue with the Apple IR driver, and it provides two new SMB client configuration options in Kodi settings. You can now set a minimum SMB protocol version to prevent prevent SMB1 from ever being used, and a ‘legacy security’ option forces weak authentication to resolve issues seen with the USB sharing functions on some older router/NAS devices. If updating to LibreELEC 8.2 for the first time PLEASE READ THE RELEASE NOTES below here before posting issues in the forums as there are disruptive changes to Lirc, Samba, and Tvheadend. Read more

Microsoft Worker Leaves for Google, Criticizes Post-Windows Vista Dev Strategy

Microsoft employee Tim Sneath, who spent no less than 17 years with the company, announced in a blog post that he’s leaving the software giant to work for Google on the new Flutter mobile framework. Sneath started his post by emphasizing how great Microsoft is, explaining that he company has “incredibly diverse interests” and is “filled with talented people.” Despite the good parts, however, the former Microsoft Program Manager who worked on a series of projects for developers, discussed what he described as the “missteps” that the Redmond-based software giant embraced beginning with the Windows Vista era. Read more Also: ‘Goodbye Microsoft, hello Linux’

LiFT Scholarship Recipients Advance Open Source Around the World

Fifteen people from 13 different countries have received Linux Foundation Training Scholarships (LiFT) in the category of Linux Newbies. This year, 27 people received scholarships across all categories — the most ever awarded by the Foundation. Now in its seventh year, the program awards training scholarships to current and aspiring IT professionals worldwide who may not otherwise have the means for specialized training. The Foundation has awarded 75 scholarships worth more than $168,000 since the program began. Read more

Linux Containers vs Virtual Machines

Ever since containers on Linux became popular, determining the difference between Linux containers and virtual machines has become trickier. This article will provide you with the details to understand the differences between Linux containers and virtual machines. Read more