News Stay informed about the latest enterprise technology news and product updates.

Update: No new flaw in Linux kernel

A security researcher who discovered previous, critical flaws in the Linux kernel clarifies a story published yesterday by that incorrectly reported a new kernel bug.

A story published yesterday by incorrectly reported that a third mremap vulnerability had been discovered in the Linux kernel.

Separate and unrelated flaws had been reported in the memory management system call in January and February. On March 1, researcher Paul Starzetz released an update to his initial advisory that a robust proof-of-concept exploit code had been produced for the flaw detailed in February.

"The vulerability is very easy to exploit once you have got local (shell) access to the system," Starzetz said in an e-mail to

The flaws enable attackers to gain root access to vulnerable systems, Starzetz said.

"Both bugs have been found in the same piece of code. The first one [released Jan. 5] was due to invalid argument input to the mremap system call. The second [released Jan. 18] concerns an unchecked use of the do_munmap internal kernel function inside the mremap code which may be forced to fail by preparing the virtual memory of the calling process in a special way," Starzetz said.

The flaw, deemed critical, was discovered by Starzetz and his research team at Polish security consultancy ISec. Kernel versions up to and including 2.2.25, 2.4 to 2.4.24 and 2.6 and up are affected and should be repaired immediately by downloading fixes from or a Linux distributor.

"Since no special privileges are required to use the mremap system call any process may use its unexpected behavior to disrupt the kernel memory management subsystem," said an alert from iSec. "Proper exploitation of this vulnerability leads to local privilege escalation giving an attacker full super-user privileges."

Dig Deeper on Linux servers

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.