Linux modprobe Buffer Overflow Vulnerability
Modutils is a component of many linux systems that includes tools for using loadable kernel modules. One of these tools, modprobe, loads a set of modules that correspond to a provided "name" (passed at the command line) automatically.
Though fixes for a recent (as of 11/23/2000, see Bugtraq ID 1936) high-profile vulnerability in modprobe have been made available by most vulnerable Linux vendors, it has been reported that there exists another method for an attacker to gain root privileges exploiting modprobe.
Debian and RedHat have both released advisories regarding a vulnerability that exists in modprobe related to the handling of input from the kernel. A buffer overflow can occur because data passed from the user through the kernel to modprobe isn't checked for length/validity before being used in memory copies.
Since modprobe is still spawned as root via kmod through setuid utilities such as ping, successful exploitation of this vulnerability can lead to root privileges for the attacker.