[Tfug] Linux bug discovered
Angus Scott-Fleming
angussf at geoapps.com
Tue Jun 15 09:14:09 MST 2004
Unconfirmed ... but the M$ folks will have a field day with this one if it's
true and exploited ... Text from the LinuxReview.org article says:
Using this exploit to crash Linux systems requires the
(ab)user to have shell access or other means of
uploading and running the program (like cgi-bin and FTP
access). The program works on any normal user account,
root access is not required.
------- Included Stuff Follows -------
Linux bug discovered
Linus has fixed it
By Nick Farrell: Tuesday 15 June 2004, 09:51
A LINUX BUG has been discovered which allows a whole
system to be exploited by a simple C program.
On the site Linuxreviews.org the discoverer Øyvind
Sæther, from Norway, said that using the exploit
requires the (ab)user to have shell access or other
means of uploading and running the program—like cgi-bin
and FTP access. Then it is just a matter of running this
code which works on any normal user account.
Along with the code needed to use the exploit, Sæther
also posted several patches to 2.4 and 2.6 kernels that
will keep the exploit from crashing systems. The 2.4.xx
kernel patch can be found here. A patch for the 2.6
kernel can be found here.
The exploit works because the Linux kernels signal
handler isn't handling floating-point (FP) exceptions
correctly.
Linus Torvalds has admitted that there is a path into
the kernel where if there is a pending FP error, the
kernel will end up taking an FP exception, and it will
continue to take the FP exception forever. He reckons he
has fixed it and if he was not moving house he would
have released a 2.6.7 already.
--------- Included Stuff Ends ---------
Links to more details and fixes embedded in story at
http://www.theinquirer.net/?article=16596
More information about the tfug
mailing list