Linux Kernel Vulnerability

Security Watch from PC Magazine – Linux Kernel Vulnerability

A privilege escalation vulnerability allows local users to gain full access to the machine. Affected versions are 2.6.13 up to version 2.6.17.4, and 2.6.16 through 2.6.16.24.

Several exploits are available for this vulnerability and multiple sources confirm that they work. The Debian group confirms that this attack was used in the recent compromise of one of their servers.

This issue affects ‘prctl’, which manages resource controls for running programs, and arises because the application handles core dump files in an insecure manner. A local user may gain elevated privileges by creating a core dump file in a directory that they do not have write access to.

Kernel version 2.6.17.4 fixes the problem. [See article for links]
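
A defender-side check for the core dump behaviour described above, as an added example that is not part of the original article: it scans directories you choose for ELF core dump files and records whether the containing directory is closed to group and world writes. The function names and the choice of directories to audit are assumptions of this example.

```python
import os
import stat
import struct
import sys

ET_CORE = 4  # ELF e_type value that marks a core dump


def is_elf_core(path):
    """True if the file begins with an ELF header whose e_type is ET_CORE."""
    try:
        with open(path, "rb") as fh:
            header = fh.read(18)
    except OSError:
        return False
    if len(header) < 18 or header[:4] != b"\x7fELF":
        return False
    # e_ident[5] (EI_DATA) gives the byte order: 1 = little, 2 = big endian
    order = {1: "<", 2: ">"}.get(header[5])
    if order is None:
        return False
    (e_type,) = struct.unpack_from(order + "H", header, 16)
    return e_type == ET_CORE


def scan_for_core_files(directories):
    """Walk the given directories and return one finding per core dump file."""
    findings = []
    for top in directories:
        for dirpath, _dirs, filenames in os.walk(top):
            mode = os.stat(dirpath).st_mode
            # No group/world write bit: only the directory owner (and root) can create files here
            restricted = not mode & (stat.S_IWGRP | stat.S_IWOTH)
            for name in filenames:
                path = os.path.join(dirpath, name)
                try:
                    st = os.lstat(path)
                except OSError:
                    continue
                if stat.S_ISREG(st.st_mode) and is_elf_core(path):
                    findings.append({"path": path, "file_uid": st.st_uid,
                                     "dir_restricted": restricted})
    return findings


if __name__ == "__main__":
    # Directories to audit are passed on the command line (assumption of this example)
    for f in scan_for_core_files(sys.argv[1:]):
        flag = "SUSPICIOUS" if f["dir_restricted"] else "review"
        print(f"{flag}: core dump {f['path']} (owner uid {f['file_uid']})")
```

A core dump reported in a restricted directory is worth investigating on a kernel in the affected range, since ordinary users should not be able to create files there.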