Security researchers have discovered a potentialy serious security vulnerability within a Linux kernel memory management module.

At risk this time around are versions of the Linux kernel from 2.2 up to and including 2.2.25; 2.4 up to and including 2.4.24; 2.6 up to and including 2.6.2.

Exploitation of the latest flaw is straightforward, according to Polish white hat hackers iSec, which unearthed both problems. But don't get too alarmed - there's no evidence that the vuln has been used in anger.

The vuln is not remotely executable, which leads me to believe that its probably the sort of thing thats destined to become a "gain root access floppy" of some sort. But then you never know what sick little minds are plotting in the dark.

More here.