A young Norwegian programmer recently discovered a Linux bug. A simple C program can use this bug to crash most Linux 2.4 and 2.6 distributions on x86 systems.
Sither, the discoverer of the bug, said that an attacker who wants to crash a Linux system this way needs shell access or some other means of uploading and running programs, for example cgi-bin or FTP permissions.
"The attack program can work with any common user account without root permission," he said. It is reported that similar attacks have led to the crash of some "lame free shell sites". These sites provide code that is known to cause system damage and hacker attacks, although this behavior is illegal and strictly prohibited in most parts of the world.
In addition to publishing the program code that exploits this bug, Sither has also released patches for the Linux 2.4 and 2.6 kernels to prevent the system from crashing.
Multiple security issues in Linux have been detected over the past few years. The most serious one is a security vulnerability discovered by the Polish nonprofit organization iSEC Security Research in February this year.
That most serious vulnerability allows attackers to gain full superuser (administrator) privileges. However, the Linux open source community quickly released patches in both cases.
However, the recent security vulnerability does not give the attacker any control over the Linux system when it crashes.
Technically, this problem exists because the signal handling code of the Linux kernel cannot correctly handle floating point exceptions. Linus Torvalds, founder of Linux, said: "If there are pending floating point exceptions in the system, there will be a channel to the system kernel. The system kernel will eventually execute a floating point exception and will always execute a floating point exception."
Torvalds has already resolved this problem. He said: "A few days ago, I fixed this problem in my own source code tree and released Linux 2.6.7."
Eric Raymond, chairman of the Open Source Initiative, also said: "This is not a big problem. We can fix it easily, and these repaired kernels won't bring any new problems."