Linux: two critical bugs found in udev subsystem code
Linux: two critical bugs found in udev subsystem code
14th May 2009
udev is the subsystem code of Linux similar to Windows Devices Manager by the functionality. Recently, two serious vulnerabilities have been found in it.
The former of them enables a local attacker to gain root privileges by sending to udev a specially designed netlink-message asking for the creation of accessible to all users /dev file, duplicating the existing block device (for example, the root file system sector)/ The other vulnerability concerns integer overflow in the utility for transferring control commands to udev. It allows transmitting specially designed cases and, thus, cause a denial of serving the udev subsystem and theoretically implement its own code with higher privileges.
These two vulnerabilities are confirmed in all supported versions of Debian, Fedora and Ubuntu.
Hard terms of WiiWare
Microsoft began developing Windows 8Featured downloads
Download Free trial
Interact
Now downloading
Synchromagic Pro
Synchromagic is an intelligently designed utility to perform foolproof synchronization of files and ...
Synchromagic is an intelligently designed utility to perform foolproof synchronization of files and ...
Blog categories
Windows Vista (87)
Entertainment (1544)
TweakNow (33)
GameJackal (47)
Apple (198)News blog