Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Linux / Open Source Software

Open Source Software

Linux Kernel 2.6.22.4 Released

Fixes "parent process death signal" vulnerability!

By Marius Nestor, Linux Editor

21st of August 2007, 09:47 GMT

Adjust text size:


Tux
Enlarge picture
The 2.6.22.4 version from the 2.6 stable Linux kernel branch was released last night and it fixes an important vulnerability that allowed an unprivileged local user to send arbitrary signals to a child process despite security restrictions:

"This fixes a vulnerability in the "parent process death signal" implementation discoverd by Wojciech Purczynski of COSEINC PTE Ltd. and iSEC Security Research.", stated Greg Kroah-Hartman.

In a sane environment, non-root users can't send signals to processes running with different UID, but this vulnerability found in the Linux kernel by Wojciech Purczynski, allowed any local user to bypass security restrictions and send arbitrary signals to any child process executed by the user.

For more information about this vulnerability please go here.

Changes from version 2.6.22.3 to 2.6.22.4:

■ Reset current->pdeath_signal on SUID binary execution (CVE-2007-3848)

The 2.6.22 Linux kernel includes features and drivers such as:

■ New Slab allocator: SLUB
■ New Wireless stack
■ New Firewire stack
■ Signal/timer events notifications
through file descriptors
■ Blackfin architecture
■ UBI
■ Secure RxRPC sockets
■ Process footprint measurement facility
■ utimensat()

Graphic drivers:

■ pm3fb: Preliminary 2.4 to 2.6 port
■ New framebuffer driver (vt8623fb) for VIA VT8623
■ Hecuba framebuffer driver
■ arkfb: new framebuffer driver for ARK Logic cards
■ atmel_lcdfb: AT91/AT32 LCD Controller framebuffer driver
■ Add Sun XVR-500 framebuffer driver. (commit) and Sun XVR-2500 framebuffer driver

Network drivers:

■ Mellanox ConnectX InfiniBand adapters driver
■ Marvell Libertas 8388 802.11b/g USB driver
■ zr364xx V4L2 driver for USB webcams based on the zr364xx chipsets

The Linux Kernel is the essential part of all Linux Distributions, responsible for resource allocation, low-level hardware interfaces, security, simple communications, and basic file system management.

Linux is a clone of the Unix operating system, initially written from scratch by Linus Torvalds, assisted by a loosely-knit team of hackers across the Net. It aims to achieve POSIX and Single UNIX Specification compliance.

You can download the Linux kernel now from Softpedia.

TAGS:

 Linux | kernel


Rating:
Good (3.2/5) 5 vote(s) so far    

Read by 1,799 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


IBM, Oracle, NEC to Promote Linux in Japan

Linux Mint 3.0 Light Edition Released

LinuxCertified Announces the Linux Device Driver Development Course

Dell Will Sell More Linux Computers

Nokia Siemens Networks Is Member of the Linux Foundation

Linux Mint 3.0 Xfce Available Now

Ark Linux & Ark Linux Live 2007.1 Released

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive