Language Selection

English French German Italian Portuguese Spanish

Quick Fix in Linux Kernel

Filed under
Linux

Just days after the much-anticipated Linux 2.6.12 kernel was officially released, an update has been issued to fix two security vulnerabilities.

Linux kernel developer Chris Wright announced the 2.6.12.1 security fix release late Wednesday.

One of the issues carries the CVE designation CAN-2005-1761 and was titled, "ia64 ptrace + sigrestore_context" in the Changelog for 2.6.12.1. According to Danish Research firm Secunia, the impact of this vulnerability is unknown.

The other fix is for an issue that is somewhat more dangerous and could lead to a Denial-of-Service (define) attack by a malicious user. The 2.6.12.1 changelog refers to the patch as "Clean up subthread exec" and refers to the CVE designation CAN-2005-1913.

An error had existed in the 2.6.12 kernel in the delivery of signals with a sub-thread "exec" on a pending timer.

"If subthread exec's with timer pending, signal is delivered to old group-leader and can panic kernel," the 2.6.12.1 changelog noted.

Causing a kernel to "panic" is a serious condition that in many cases causes a Linux system to shut down. According to security firm Secunia, the subthreat exec kernel panic issue could have been exploited by malicious, local users to cause a DoS attack.

The overall effect of the 2.6.12 flaws, however, is not likely to have a significant impact on Linux users. The 2.6.12 kernel was only officially released last Friday by Linux creator Linus Torvalds and has not made its way - yet -- into many Linux distributions.

The 2.6.12 Linux kernel introduces a number of new innovations to Linux including native support for Xen as well as SELinux.

Source.

More in Tux Machines

Leftovers: Screenshots and Screencasts

Android Leftovers

GCC 4.9.2 vs. GCC 5 Benchmarks On An Intel Xeon Haswell

For those craving some more GCC 5 compiler benchmark numbers following last week's release of GCC 5.1, here's some new comparison numbers between GCC 4.9.2 stable and the near-final release candidate of GCC 5.1. Pardon for this light article due to still finishing up work on migrating to the new Phoronix web server while separately working to take care of thermal issues coming about in the new Linux benchmarking server room. Read more

First impressions of Ubuntu 15.04

Canonical's Ubuntu operating system is probably the most widely used Linux distribution in the world. Ubuntu is made available in several editions, including desktop builds, server builds and there is a branch of Ubuntu for mobile phones. Ubuntu provides installation images for the x86, ARM and Power PC architectures, allowing the distribution to run on a wide variety of hardware. The most recent release of Ubuntu, version 15.04, includes a fairly short list of changes compared to last year's Ubuntu 14.10, however some of the changes are significant. Some small changes include an upgrade of the kernel to Linux 3.19 and placing application menus inside the application window by default. A potentially larger change is the switch from Canonical's Upstart init software to systemd. Read more