Linux: RDS Protocol Local Privilege Escalation Vulnerability

Users of Linux please be advised of a RDS Protocol Local Privilege Escalation vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Linux-SA-10/19/2010: VSR Advisories: Linux RDS Protocol Local Privilege Escalation
Vulnerability Details

– ———————

On Linux, recvmsg() style socket calls are performed using iovec structs, which

allow a user to specify a base address and size for a buffer used to receive

socket data. Each packet family is responsible for defining functions that

copy socket data, which is received by the kernel, back to user space to allow

user programs to process and handle received network data.

Read more at http://www.criticalwatch.com

 

Advertisements