[NTLUG:Discuss] Multiple Linux Flaws Reported
terry
kj5zr at yahoo.com
Sun Apr 18 23:29:33 CDT 2004
Kernel update available,
04/18/04 22:34:02 Installed: kernel 2.4.20-30.9.i386
terry wrote:
> A friend has called this to my attention:
> <http://www.esecurityplanet.com/trends/article.php/3341341>
>
> "Multiple Linux Flaws Reported"
> April 16, 2004
> By Ryan Naraine
>
> It says, "Security researchers are warning of a buffer overflow security
> flaw in the Linux kernel that can be exploited to lead to privilege
> escalation attacks."
>
> It goes on to say, "The company found that affected versions of Linux
> kernel performed no length checking on symbolic links stored on an
> ISO9660 file system, a problem that allows a malformed CD to perform an
> arbitrary length overflow in kernel memory."
>
> "Symbolic links on ISO9660 file systems are supported by the 'Rock
> Ridge' extension to the standard format. The vulnerability can be
> triggered by performing a directory listing on a maliciously constructed
> ISO file system, or attempting to access a file via a malformed symlink
> on such a file system. Many distributions allow local users to mount
> CDs, which makes them potentially vulnerable to local elevation
> attacks," according to the security alert.
>
> Not sure what to make of it, but do we need to change some permissions
> someplace? Is this a real problem of some sort?
>
> I don't [fully] understand.
>
> Also:
> "Separately, security firm Secunia warned of an information leak and
> denial-of-service holes in Linux Kernel 2.4.x and 2.6.x. The
> information leak problem was discovered with the ext3, XFS, and JFS file
> system code and can lead to the exposure of data like cryptographic keys
> to malicious attackers.
>
> Another error was found within the OSS code for SoundBlaster 16 devices
> that could be used to trigger denial-of-service attacks when odd numbers
> of output bytes are submitted."
>
--
Registered Linux User 188099
http://counter.li.org/
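On the "do we need to change some permissions someplace?" question: the ISO9660 flaw is triggered by mounting a crafted disc, so the entries to review until the kernel is updated are the CD-ROM lines in /etc/fstab that carry the "user", "users" or "owner" option. The script below is an added example, not from the original post; it takes an fstab path as its argument and runs here against a constructed sample file.

```sh
#!/bin/sh
# Added example: list fstab entries of CD-capable type (iso9660, udf, or
# auto-detected) that unprivileged users are allowed to mount.
# Prints one line per such entry; returns 0 if none found, 1 otherwise.
audit_user_cdrom_mounts() {
    found=0
    while read -r dev mnt fstype opts rest; do
        case "$dev" in ''|'#'*) continue ;; esac      # skip blanks and comments
        case "$fstype" in
            iso9660|udf|auto) ;;                       # media the kernel may read as ISO9660
            *) continue ;;
        esac
        # Walk the comma-separated option list looking for user-mount flags.
        user_ok=0
        oldifs=$IFS; IFS=,
        for o in $opts; do
            case "$o" in user|users|owner) user_ok=1 ;; esac
        done
        IFS=$oldifs
        if [ "$user_ok" -eq 1 ]; then
            printf 'user-mountable CD entry: %s on %s (%s, %s)\n' \
                "$dev" "$mnt" "$fstype" "$opts"
            found=1
        fi
    done < "$1"
    return $found
}

# Constructed sample fstab (not a real system's file); only the second
# CD entry is mountable by ordinary users and should be reported.
SAMPLE_FSTAB=$(mktemp)
trap 'rm -f "$SAMPLE_FSTAB"' EXIT
cat > "$SAMPLE_FSTAB" <<'EOF'
# device        mountpoint   type     options          dump pass
LABEL=/         /            ext3     defaults         1 1
/dev/cdrom1     /mnt/cdrom1  iso9660  noauto,ro        0 0
/dev/cdrom      /mnt/cdrom   iso9660  noauto,owner,ro  0 0
EOF

if audit_user_cdrom_mounts "$SAMPLE_FSTAB"; then
    echo "no user-mountable CD entries found"
fi
```

Removing the "owner"/"user" option (or the whole entry) closes the local trigger path, but the overflow itself is only fixed by the kernel update; the audit is a stopgap, not a substitute.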