Critical Flaw Found in Linux Kernel

There is a NULL pointer dereference flaw in the Linux kernel that can be exploited by attackers to gain root access to a vulnerable machine.

There is a NULL pointer dereference flaw in the Linux kernel that can be exploited by attackers to gain root access to a vulnerable machine.

The vulnerability is in version 2.6.21 of the Linux kernel and some Linux vendors already have taken steps to fix the vulnerability. Red Hat has released a fix for the flaw in several versions of its Linux distributions. Red Hat also has released advisories on the issue, explaining the vulnerability and its effect on vulnerable machines.

A NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe’s reader and writer counters. This could lead to a local denial of service or privilege escalation.

Debian also has posted instructions for addressing the flaw in its Linux distributions, which are vulnerable to this problem by default. NULL pointer dereferences are particularly complex problems that are difficult to exploit in many cases. This particular problem was identified in mid-October and so far, there have not been any public exploits released for the Linux kernel flaw.

Suggested articles

Discussion

  • Andrew on

    Users of Ubuntu 9.04+ shouldn't need to worry about this as the mmap_min_addr setting is 64K, built into the kernel.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.