Release date:
Updated on:
Affected Systems:
Linux kernel 2.6.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 46485
Linux Kernel is the Kernel used by open source Linux.
Linux Kernel's "procfs" and "sysfs" files have security vulnerabilities. malicious local users can exploit this vulnerability to bypass certain security restrictions.
This vulnerability occurs because multiple "procfs" and "sysfs" files can be globally writable, which may cause some settings to be changed, some hardware registers, NVRAM or some firmware to be installed.
<* Source: Vasiliy Kulikov
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/