SuSE issues a warning that the Linux core has a serious security vulnerability.

Suse, a Linux publisher, issued a warning on June 13, October 27, saying that the Linux core 2.6 version had one of the most serious security vulnerabilities so far, this vulnerability allows hackers to shut down systems running 2.6 software.

The 2.6 core was launched at the end of last year. It added many enterprise-friendly features for Linux, but it is still a commercial product initially launched. Although many Linux vendors have released new core software for some technical starters, Suse companies under Novell are still one of the few vendors that provide 2.6 enterprise-level products.

For example, RedHat has returned many important 2.6 features to the 2.4 core in Red Hat Enterprise Edition Linux, claiming that the old core is more stable than the new core. Although MandrakeSoft has introduced the 2.6 core, it has not been launched in the form of Enterprise Edition. SuSE claims that it was the first time this spring that SuSE Linux 9.1 introduced 2.6 cores in the retail Linux operating system.

SuSE said that this fault lies in the way the core processes iptable firewall login, and only affects the system based on iptable firewall, such as susefirewall2. The SuSE consulting Department said hackers could exploit the maliciousProgramShut down the system and rated the vulnerability as the ninth among the ten security levels.

As a way to upgrade the core, you can remove the IP and TCP firewall logon, but this is not a recommended method. Running 2.4 old core products, including enterprise-level server products from RedHat and MandrakeSoft, are not affected.

Full text source: Saidi