From slashdot this morning:<br><br><h3><a href="http://it.slashdot.org/it/06/10/03/2122220.shtml">Weakness In Linux Kernel's Binary Format</a>
			
		</h3>
	

	<div class="details">

	
	<b>Posted by
	
	<a href="http://technologyfront.com/">kdawson</a>

	on Tuesday October 03, @06:50PM</b><br>
	<strong>from the <b>get-right-on-this</b> dept.</strong>
	</div>
	<div class="body">
		<div class="topic">
		
		
			<a href="http://slashdot.org/search.pl?tid=172">
				<img src="http://images.slashdot.org/topics/topicsecurity.gif" alt="Security" title="Security" height="78" width="59">
			</a>
		
		
		</div>
		<div class="intro">
			<a href="mailto:goodfellas@shellcode.com.ar" rel="nofollow">Goodfellas</a> writes, <i>&quot;This
document aims to demonstrate a design weakness found in the handling of
simply linked lists used to register binary formats handled by the
Linux kernel. It affects all the kernel families (2.0/2.2/2.4/2.6),
allowing the insertion of infection modules in kernel space that can be
used by malicious users to create infection tools, for example
rootkits. Proof of concept, details, and proposed solution (in PDF
form): <a href="http://www.shellcode.com.ar/docz/binfmt-en.pdf">English</a>, <a href="http://www.shellcode.com.ar/docz/binfmt-es.pdf">Spanish</a>.</i>
		</div>





		




	


	</div><br><br>Has anyone seen or heard of this?&nbsp; I was not able to get the report and might not understand it anyway.&nbsp; It might be totally bogus.&nbsp; NTL, I was surprised it had not been mentioned here.&nbsp; BTW, the English link was to 
<a href="http://www.shellcode.com.ar/docz/binfmt-en.pdf">http://www.shellcode.com.ar/docz/binfmt-en.pdf</a> in case it is not active here.&nbsp; I was guessing the site may have been overwhelmed preventing me from getting it, but I am curious about it.
<br clear="all"><br>-- <br>Be who you are and say what you feel, because those who mind don't matter and those who matter don't mind.&nbsp;&nbsp;- Dr. Seuss