An error in the workings of Linux kernel versions 2.6.17 to 2.6.24.1 can give local users access to root privileges.
Although example code and root exploits exist for the vulnerability security firm Secunia has rated the problem as "less critical".
The vulnerability is caused by a missing verification of parameters within the Linux kernel's "vmsplice" function, which appears in versions 2.6.17 to 2.6.24.1.
A fix for the vulnerability was quickly released for the latter version of the kernel, but first tests showed that the patch did not solve the problem completely.
Want to know more?
For all the latest news, analysis and opinion on Open source, click here
Version 2.6.24.2 has since been released as a solution to the problem, while Secunia suggests updating to version 2.6.24.2 or to 2.6.23.16 to remedy the error.
Developers have also finished the development phase of the next kernel version, 2.6.25, and have put out an initial Release Candidate. The finished version of the new kernel is expected to be released in April.
Suzanne Tindal of ZDNet.com.au contributed to this report.
