Monday, February 18, 2013
In the Linux kernel found local vulnerability
To demonstrate the potential for exploitation of the vulnerability exploited by a prototype for the sheer work that requires small changes to the core, simplifying manifestation of the race when called with a parameter ptrace PTRACE_SETREGS.
How realistic is operated under normal conditions the problem and the circumstances that may contribute to the fact it is not clear yet is considered to be attacked only in theory. However, it is possible that the problem is one of the most dangerous vulnerabilities in the kernel in the past few years.
If the mainline kernel silently corrected the problem about a month ago, for the nuclei of many distributions of the problem may be in the nature uncorrected 0-day vulnerability. Of the obscure moments while also says exposure to the problem of hardware architectures (currently known that the problem is subject to x86_64 architecture).