Linux Flaws Provide Root Access To Hackers

Security experts have discovered two vulnerabilities in the Linux operating system platform that could grant attackers root privileges on an infected system.

The first Linux vulnerability was reported by security firm VSR, which explained that the security flaw was related to the implementation of Reliable Datagram Sockets protocol (RDS) in versions 2.6.30 through 2.6.36-rc8 of the Linux kernel.

According to the company, the vulnerability will allow an attacker to write arbitrary data on the kernel memory that can be used to escalate privileges to root.

“The exploit leverages the ability to write into kernel memory to reset the kernel's security operations structure and gain root privileges. The exploit requires that kernel symbol resolution is available to unprivileged users,” the company explained.

The second Linux vulnerability, which was discovered by security researcher Tavis Ormandy, is related to a flaw found in the library loader of the GNU C library, which can be exploited to gain escalated root privileges.