Ubuntu issues patch for Linux kernel flaw

Ubuntu is the latest Linux vendor to patch a vulnerability in the open-source operating system's kernel that could have left the door open for hackers to find their way into users' machines. In an email sent overnight on Monday, the Linux vendor warned users to update all machines running recent versions of Ubuntu, ranging from 6.06, which was released back in mid-2006, to version 8.04, which came out earlier this year. The problem also applied to other versions of Ubuntu such as Kubuntu, Edubuntu and Xubuntu.

"It was discovered that there were multiple NULL-pointed function de-references in the Linux kernel terminal handling code," wrote Ubuntu administrators in the email. "A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service."

View: The full story @ ZDNet UK

Report a problem with article
Previous Story

Google drops Bluetooth, GTalkService APIs from Android 1.0

Next Story

Best Buy Getting Stricter With Console Exchanges


Commenting is disabled on this article.

Would this not require that someone write an assembly program that writes a function at memory address zero (assuming that the hardware and OS will allow this) with the correct calling convention for the target NULL-pointed function de-reference and that other NULL-pointed function de-references (at least with different calling conventions) are not executed for it to work properly? I imagine that the system would crash if these conditions were not met.

Would the hardware and OS will even allow a program to write at memory address zero?

I'm going to ASSume this is only effecting the Ubuntu variant of the kernel?

Hmm? Guess not.
"A number of other Linux vendors including Novell have recently released similar patches to address the problems."

null pointed pointers dereferencing, you have got to have a bad programming style/attitude to do that on multiple occasions. Still, it can happen to the best of us, glad they've fixed it

Like you stated, bugs happen to all. However, what really makes me wonder on this is if that Coverity scan is actually doing a good job? If this was missed in the scan, Coverity ought to be able to modify their methods/code to detect these types of issues.

From a Coverity press release in 2006:

“Coverity's static source code analysis has proven to be an effective step towards furthering the quality and security of Linux," said Andrew Morton, head maintainer of the 2.6 Linux kernel. "I welcome further contributions from Coverity to help identify defects in the Linux kernel with unprecedented speed and scalability."
I wonder if Andrew still holds them in the same apparent high regard after missing this.