Kernel 2.6.25: 64 Bit Systems At Risk

Jul 14, 2008

Jan Rähm

The changelog for kernel 2.6.25.11 includes just a single entry, however, it seems to be so important that the Kernel Stable Team urgently advises users to upgrade the kernel on 64 bit multiple user systems.

The patch by Geman developer Michael Karcher remove an issue in the local descriptor table (ldt) on x86_64 systems. Details of the bug have not yet been disclosed. In his release announcement Greg Kroah-Hartman writes that systems with unrestricted user accounts should definitely be updated. It can be assumed that logged in users are able to escalate their privileges thanks to the bug.

A couple of days ago, the kernel 2.6.25.10 release removed two vulnerabilities both of which affected the x86_64 platform. The first bug affected several drivers and could be exploited to run arbitrary code, or crash the kernel. The second bug affected the "sys32_ptrace()" function in "arch/x86/kernel/ptrace.c" and could cause an overflow of the "refcount" field in the "task_struct" structure, thus causing a number of system errors.

The bugs affect all 2.6.25 series kernels. The kernel development team urgently advises users to install patches.

Related content

Linux 2.6.25 without Closed Source USB Drivers

A controversial patch for the imminent kernel 2.6.25 is causing much debate in the developer community: in a similar move to one he made two years ago, the well-known kernel developer Greg Kroah-Hartman has submitted a patch that prevents closed source USB drivers from using the kernel's USB driver API.

more »
Torvalds Releases Kernel 2.6.25: GPL Only Restriction Imposed

Linus Torvalds has released the new 2.6.25 kernel just slightly behind schedule. Besides improvements to the CFS scheduler and a plethora of new drivers, the kernel also introduces a political aspect: it debars non-GPLd USB drivers.

more »
Local Vulnerabilities in Current Kernels

Recent kernel versions back to the older kernel 2.6.17 may contain a vulnerability that can be exploited by local attackers.

more »
Linus Torvalds: Kernel 2.6.25-rc1 "Bloody Large"

Linus Torvalds has announced the first release candidate of the new 2.6.25 kernel, codenamed "Bloody Large".

more »
Stable Kernel 2.6.22.2 Released

The new kernel release includes bugfixes and security updates.

more »

comments powered by Disqus

Issue 268/2023

Buy this issue as a PDF

Digital Issue: Price $12.99

(incl. VAT)

Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs

News

KDE Plasma 5.27 Beta is Ready for Testing

The latest beta iteration of the KDE Plasma desktop is now available and includes some important additions and fixes.
Netrunner OS 23 Is Now Available

The latest version of this Linux distribution is now based on Debian Bullseye and is ready for installation and finally hits the KDE 5.20 branch of the desktop.
New Linux Distribution Built for Gamers

With a Gnome desktop that offers different layouts and a custom kernel, PikaOS is a great option for gamers of all types.
System76 Beefs Up Popular Pangolin Laptop

The darling of open-source-powered laptops and desktops will soon drop a new AMD Ryzen 7-powered version of their popular Pangolin laptop.
Nobara Project Is a Modified Version of Fedora with User-Friendly Fixes

If you're looking for a version of Fedora that includes third-party and proprietary packages, look no further than the Nobara Project.
Gnome 44 Now Has a Release Date

Gnome 44 will be officially released on March 22, 2023.
Nitrux 2.6 Available with Kernel 6.1 and a Major Change

The developers of Nitrux have officially released version 2.6 of their Linux distribution with plenty of new features to excite users.
Vanilla OS Initial Release Is Now Available

A stock GNOME experience with on-demand immutability finally sees its first production release.
Critical Linux Vulnerability Found to Impact SMB Servers

A Linux vulnerability with a CVSS score of 10 has been found to affect SMB servers and can lead to remote code execution.
Linux Mint 21.1 Now Available with Plenty of Look and Feel Changes

Vera has arrived and although it is still using kernel 5.15, there are plenty of improvements sure to please everyone.