Denial of Service in Linux Kernel

Two denial of service vulnerabilities were reported in Linux kernels prior to 2.6.23.8 this weekend.

The first is caused by a design flaw in the “wait_task_stopped()” function. It is locally exploitable by manipulating the state of a child process. Kernel version 2.6.24-rc1 is also known to be vulnerable. See CVE-2007-5500 for more details.

The second involves a design flaw in “write_queue_from” that results in a NULL-pointer dereference. This vulnerability is remotely exploitable by sending the system a specially crafted ACK packet. See CVE-2007-5501 for more details.

The original advisory can be viewed at:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8
