Source & more info:This is a serious bug, it effects all Kernel versions released since May 2001! That goes all the way back to the early 2.4 versions.
It’s also exploitable according to the report – This issue is easily exploitable for local privilege escalation. In order to exploit this, an attacker would create a mapping at address zero containing code to be executed with privileges of the kernel (which I would assume to be root).
At least it only allows local priveledge escalation, if was a remote root exploit in the kernel..it would be a disaster.
A patch has been released, so if you have untrusted local users on your system UPDATE YOUR KERNEL NOW!
This is the second time this year there has been a serious exploit in the Linux Kernel, which in a way is good because it means people are looking at it critically.
The more bugs that get exposed, the more secure the Kernel and our operating systems become.
http://www.darknet.org.uk/2009/08/serio ... /#comments
