Thanks xStainDx for the heads up.
A flaw in a software-compression library used in all versions of Linux could leave the lion's share of systems based on the open-source operating system open to attack, said sources in the security community on Monday.
Several other operating systems that use open-source components are vulnerable too varying degrees as well.
The software bug, known as a double-free vulnerability, causes key memory-management functions in the zlib compression library to fail, a condition that could allow a smart attacker to compromise computers over the Internet, said Dave Wreski, director for open-source security company Guardian Digital.
"It is just a matter of time before an exploit is developed," Wreski said.
The flaw, discovered by Linux user Matthias Clasen and Owen Taylor, an engineer at Linux-software company Red Hat, affects any Linux program that uses the zlib library for decompression, including the core software of the operating system, the kernel.
News source: C|Net News.com
View: The whole story
A flaw in a software-compression library used in all versions of Linux could leave the lion's share of systems based on the open-source operating system open to attack, said sources in the security community on Monday.
Several other operating systems that use open-source components are vulnerable too varying degrees as well.
The software bug, known as a double-free vulnerability, causes key memory-management functions in the zlib compression library to fail, a condition that could allow a smart attacker to compromise computers over the Internet, said Dave Wreski, director for open-source security company Guardian Digital.
"It is just a matter of time before an exploit is developed," Wreski said.
The flaw, discovered by Linux user Matthias Clasen and Owen Taylor, an engineer at Linux-software company Red Hat, affects any Linux program that uses the zlib library for decompression, including the core software of the operating system, the kernel.
News source: C|Net News.com View: The whole story
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.