Month of Kernel Bugs to Come

Over the river and through the wood, to the bug hunter's house we go

Dark Reading Staff, Dark Reading

October 24, 2006

1 Min Read

5:45 PM -- Remember the Month of Browser Bugs? (See Getting Buggy with the MOBB.) Well, hold on to your turkey dinner: November will be the Month of Kernel Bugs (MOKB) -- and we're not talking corn here.

A Metasploit researcher who goes only by "LMH" has decided to disclose an OS kernel bug a day starting on November 1. This is the very same LMH, who along with HD Moore and Aviv Raff, developed the eVade-o-Matic Module (VOMM) which hides browser exploit code from signature-based systems.

LMH was apparently frustrated with how OS vendors handle patching these bugs after trying to collaborate with Red Hat on bugs he found in their OS with a fuzzing tool he had developed. Anyway, LMH is asking for "fresh" bug submissions for XNU, win32, *BSD, etc., such as denial-of-service, privilege escalation, or other typical kernel bugs. LMH is also offering his fuzzing tool to help bug hunters.

But before you start your Christmas shopping, you should know that rumor has it there may even be a Month of Apple Bugs in the works by some other researchers. It may be a long, cold winter.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights