Linux kernel attack thwarted

An attempt by an unknown attacker to plant a Trojan virus in the Linux kernel has been blocked.

On Wednesday, kernel developers discovered that a server hosting a copy of the Linux source code had been compromised and that a Linux kernel file had been changed to allow the attacker unauthorized access to operating systems built with the affected source code.

The machine in question, Kernel.bkbits.net, hosted a version of the Linux source code that was used by only a handful of Linux developers, according to Larry McVoy, a maintainer of the machine.

“It’s not a very tightly secured machine. It’s more of a kernel developers’ playground,” he said.

McVoy did not consider the attack to be significant because the exploit was quickly identified and because the site in question is used by such a small number of developers. The compromise was detected and corrected within 12 hours, and the compromised source downloaded by, at most, a handful of developers, McVoy estimated.

The Kernel.org and Linux.bkbits.net sites that are used by the vast majority of Linux developers, including companies like Red Hat Inc. and Suse AG, were not affected by the attack, McVoy said. Had an attacker been able to plant the exploit on those machines, it would have been “a dramatically bad thing,” McVoy said.

The attack illustrates both the strengths and weaknesses of Linux development, said Linux creator Linus Torvalds in an e-mail interview. “To some degree, the fact that kernel development is pretty distributed and there isn’t a single kernel tree that is ‘the’ tree means that there’s not a single point of failure,” he said.

“That also means that there are more end-point machines,” he said. “So arguably there are more targets for cracking.”

Kernel.bkbits.net will be returned to service in a few days, when the machine has had its hard drive replaced and a new operating system installed with security fixes, McVoy said.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now