
Linux Kernel IA32 ExecVE Local Buffer Overflow Vulnerability

The Linux kernel is susceptible to a local buffer-overflow vulnerability. This issue is due to a race condition in an ia32 emulation system call that leads to a memory copy operation that overflows a previously allocated memory buffer.

During the time between two function calls to obtain buffer sizes, a window of opportunity exists for attackers to alter memory contents. This race condition allows local attackers to overwrite critical kernel memory, facilitating kernel-level machine code execution and privilege escalation.

On multiprocessor computers, attackers can directly alter the memory contents to exploit this race condition. On uniprocessor computers, a blocking function call allows attackers to exploit the race condition.
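The count-then-copy pattern described above, as a simplified user-space model with the second pass bounded by the size fixed at allocation. This is an added example, not the kernel's code or its patch; `MAX_ARGS`, `window_fn`, `copy_args_checked`, `run_case` and the sample hooks are hypothetical names.

```c
#include <stddef.h>
#include <stdlib.h>
#define MAX_ARGS 8  /* assumed limit for this model */
/* Stand-in for the race window: runs between the two passes. */
typedef void (*window_fn)(const char **shared);
/* Pass 1: count entries in a NULL-terminated pointer array. */
static size_t count_args(const char **shared, size_t max)
{
    size_t n = 0;
    while (n < max && shared[n] != NULL)
        n++;
    return n;
}

/* Pass 2 is bounded by the count the buffer was sized from; a list that
 * grew in the window is rejected. Returns entries copied, or -1. */
long copy_args_checked(const char **shared, window_fn window, const char ***out)
{
    size_t i, n = count_args(shared, MAX_ARGS);
    if (n == MAX_ARGS) return -1;       /* no terminator within limit */
    const char **buf = calloc(n + 1, sizeof *buf);
    if (buf == NULL) return -1;
    if (window) window(shared);         /* shared memory may change here */
    for (i = 0; i < n; i++) {
        const char *p = shared[i];      /* fetch each slot once */
        if (p == NULL) break;           /* list shrank: stop early */
        buf[i] = p;
    }
    if (i == n && shared[n] != NULL) {  /* list grew after sizing */
        free(buf);
        return -1;
    }
    buf[i] = NULL;
    *out = buf;
    return (long)i;
}

/* Constructed window hooks: one appends an entry, one truncates. */
static void grow(const char **s)   { s[2] = "extra"; }
static void shrink(const char **s) { s[1] = NULL; }
/* Constructed sample: two arguments in an 8-slot shared array. */
long run_case(window_fn window)
{
    const char *shared[MAX_ARGS] = { "prog", "-v" };
    const char **copy = NULL;
    long rc = copy_args_checked(shared, window, &copy);
    free(copy);
    return rc;
}
```

A second pass that instead copied until it met the terminator again would write past the `n + 1` slots whenever the list grew inside the window.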

Versions of Linux 2.4 prior to 2.4.32-pre1, and Linux 2.4 prior to 2.6.7 are susceptible to this issue.

This vulnerability affects only computers running on either the ia64 or the amd64 hardware platforms with ia32 emulation enabled.







 

Copyright 2008, SecurityFocus