heise online IT news, features and forums at heise online UK
10 June 2008, 14:55

Security holes in Linux kernel closed

In version 2.6.25.5, published last Friday, the Linux kernel developers fixed security flaws that affect the CIFS and SNMP-NAT (nf_nat_snmp_basic) modules. Crafted packets sent remotely can cause a buffer overflow in the BER decoder used by the ASN.1 parser. The kernel then crashes, and it may even be possible to inject and execute code.
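The bug class named above comes down to trusting a length field taken from the packet. The following C sketch is an added illustration, not the kernel's code or its fix (the announcement gives no details of the flaw): it shows a BER element parser that checks every declared length against the bytes actually received and against the destination buffer. The function names and sample bytes are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One decoded element: tag plus a view into the (untrusted) input buffer. */
struct ber_tlv { uint8_t tag; const uint8_t *value; size_t len; };

/* Parse one definite-length TLV; returns bytes consumed, or 0 if malformed. */
size_t ber_read_tlv(const uint8_t *buf, size_t buflen, struct ber_tlv *out)
{
    size_t pos = 0, len = 0;
    if (buflen < 2) return 0;
    out->tag = buf[pos++];
    if ((out->tag & 0x1f) == 0x1f) return 0;   /* multi-byte tags: out of scope */
    uint8_t first = buf[pos++];
    if (first < 0x80) {
        len = first;                           /* short form */
    } else {
        size_t n = first & 0x7f;               /* long form: n length octets */
        if (n == 0 || n > sizeof(size_t) || n > buflen - pos)
            return 0;                          /* indefinite, too wide, truncated */
        while (n--)
            len = (len << 8) | buf[pos++];
    }
    if (len > buflen - pos) return 0;          /* claimed length exceeds input */
    out->value = buf + pos;
    out->len = len;
    return pos + len;
}

/* Copy an OCTET STRING (tag 0x04) into dst; -1 if malformed or too large. */
int ber_copy_octets(const uint8_t *buf, size_t buflen, uint8_t *dst, size_t dstlen)
{
    struct ber_tlv t;
    if (!ber_read_tlv(buf, buflen, &t) || t.tag != 0x04 || t.len > dstlen)
        return -1;
    memcpy(dst, t.value, t.len);
    return (int)t.len;
}

int main(void)
{
    /* Constructed samples: a well-formed element and one that lies about its length. */
    const uint8_t good[] = {0x04, 0x03, 'a', 'b', 'c'};
    const uint8_t bad[]  = {0x04, 0x84, 0xff, 0xff, 0xff, 0xff, 'x'};
    uint8_t dst[8];
    printf("good=%d bad=%d\n", ber_copy_octets(good, sizeof good, dst, sizeof dst),
           ber_copy_octets(bad, sizeof bad, dst, sizeof dst));
    return 0;
}
```
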

CIFS provides access to network shares. An extension of the older SMBFS under Linux, it uses Server Message Blocks (SMB) to transmit data. A buffer overflow in the CIFS implementation of the Linux kernel previously caused problems in version 2.6.23.1.

The developers do not provide any additional information in their announcement. You should assume that you are vulnerable if you use the modules mentioned. The developers recommend that the update be installed as soon as possible. In addition to the 2.6 kernel, the 2.4 kernel is also affected. The flaw has been remedied in 2.4.36.6.

(mba)
