A security researcher has released zero-day code for a flaw in the Linux kernel, saying that it bypasses security protections in the operating system.
The source code for the exploit was made available last week by researcher Brad Spengler on the Dailydave mailing list. According to the researcher, the code exploits a vulnerability in Linux version 2.6.30, and 2.6.18, and affects both 32-bit and 64-bit versions. The 2.6.18 kernel is used in Red Hat Enterprise Linux 5.
The exploit bypasses null pointer de-reference protection in the mainline kernel, which could allow an attacker to … Read more