Linux flaw leaves computers vulnerable

Thanks xStainDx for the heads up.

A flaw in a software-compression library used in all versions of Linux could leave the lion's share of systems based on the open-source operating system open to attack, said sources in the security community on Monday.

Several other operating systems that use open-source components are vulnerable too varying degrees as well.

The software bug, known as a double-free vulnerability, causes key memory-management functions in the zlib compression library to fail, a condition that could allow a smart attacker to compromise computers over the Internet, said Dave Wreski, director for open-source security company Guardian Digital.

"It is just a matter of time before an exploit is developed," Wreski said.

The flaw, discovered by Linux user Matthias Clasen and Owen Taylor, an engineer at Linux-software company Red Hat, affects any Linux program that uses the zlib library for decompression, including the core software of the operating system, the kernel.

News source: C|Net

View: The whole story

Report a problem with article
Next Article

TopStyle Pro 2.51 Beta 3

Previous Article

Sun battles Microsoft Passport

-1 Comments - Add comment