Users of Linux please be advised of a RDS Protocol Local Privilege Escalation vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
Linux-SA-10/19/2010: VSR Advisories: Linux RDS Protocol Local Privilege Escalation
Vulnerability Details
- ---------------------
On Linux, recvmsg() style socket calls are performed using iovec structs, which
allow a user to specify a base address and size for a buffer used to receive
socket data. Each packet family is responsible for defining functions that
copy socket data, which is received by the kernel, back to user space to allow
user programs to process and handle received network data.
Read more at www.criticalwatch.com
See this Amp at http://amplify.com/u/dmce
No comments:
Post a Comment