Leading Linux distributor Suse has uncovered a security hole in the linux 2.6 kernel
. It is claimed that this vulnerability can be used to shut down a system running 2.6-based software remotely. Bad news, indeed.
The 2.6 kernel was introduced last year, and represents a lot of what is state of the art about Linux. It is loaded with new features, but in terms of development life, its pretty immature. There remains quite a lot of work to be done, and many companies such as Red Hat view the more established 2.4 kernel as more viable for production work, and have back ported many 2.6 bits and bobs for 2.4
This new found problem in 2.6 is to do with the way the kernel handles iptables firewall logging. It only affects systems which use iptables-based firewalls. This includes SUSEfirewall2, which is why the company was so keen to highlight the problems. Apparently, an attacker could use a malformed packet to shut down the system. The potential exploit is rated as being pretty serious.
No word as yet on a new release of 2.6 which will fix the problem, but I can only assume that one is coming - the penguin heads won't tolerate this for long!