Linux Community Patches Six-Year-Old Dangerous Bug

The Linux kernel has at last been redeemed from a privilege-escalation flaw that facilated unreliable local user to gain free rights to the most safe and secure locations of the operating system.

The flaw was discovered by security researcher Gael Delalleu a long way back in the year 2005, but it remained unnoticed until Rafal Wojtczuk, (an Invisible Things Lab security researcher), began investigating on concerned issues. He described a technique that abused the bug via Xorg server, which is instrumental in offering graphical user interface functions in Linux and is also known as X server, as reported by Tuesday on August 17, 2010.

The memory-corruption bug arises from two memory areas of X server that develop in the address space, but in the opposite directions. This characteristic is inherited from the x86 design planned by Intel. Attackers can compel the two different regions to crash, thereby causing critical control data to be substituted with values that enables the capturing of X server.

According to the blog post of Joanna Rutkowska (a security researcher at Invisible Things Lab), an important aspect of the attack displayed how difficult it was to carry security to a desktop platform, where the major challenge was to allow applications talk to the GUI layer. For instance, in case of Linux X server, which generally involved a very heavy GUI protocol (think X protocol, or Win32 GUI API) and a very compound GUI server, but simultaneously kept things safe and secure, as reported by The Register on August 19, 2010.

Furthermore, Joanna Rutkowska, CEO Invisible Things Labs wrote in a blog post that the unrepaired error could have allowed any GUI application that could be compromised. For instance, a PDF viewer can be used to bypass Linux security and potentially take over the machine, as reported by linuxplanet on August 19, 2010.

The experts said that since Linux had made its way on the production machines of every large business in the western world, Linux would become an even better target for cybercriminals and not just script kiddies. It was the time the kernel keepers assessed their disclosure policies. There was a thin line lying between trying to keep information away from the cybercriminals and using that policy as a justification to hide their own faults.

Related article: Long URLs Cause Security Flaw in Opera Browser

» SPAMfighter News - 8/26/2010