March 2nd, 2002, 12:54 PM
Linux flaw opens door in firewalls.
The flaw, which affects versions 2.4.14 through 2.4.18-pre9 of the Linux kernel, is in a component of the Netfilter firewall software. The component is involved when two computer users chat directly with each other using the Internet Relay Chat (IRC) system.
Information sent across the Internet is broken up into tiny "packets," each with "from" and "to" addresses, indicating who's sent the information and where it's intended to go. So-called firewall software transmits or screens out these packets based on the address of the sender.
Netfilter, among the new aspects of the 2.4 version of the Linux kernel, is software that runs within the kernel to filter out unwanted packets. But its IRC helper component configures firewall settings too broadly, potentially allowing communication from IP (Internet Protocol) addresses that should be blocked.
Programmers working on the Netfilter firewall software project reported the problem Monday.
Versions 7.1 and 7.2 of leading Linux seller Red Hat's product are vulnerable. The Durham, N.C.-based company issued a patch Thursday that corrects the problem. The flawed software isn't installed by default on the Red Hat versions, the company said, but some users may have added it.
Security is a nagging concern for the computer industry, which must juggle new features with the risk that they open up new problems. While the firewall problem the Netfilter programmers discovered is limited to a few versions of Linux, a more serious problem emerged earlier this month affecting numerous operating systems using standard network management software.