Slashdot Mirror

← Back to Stories (view on slashdot.org)

Local Privilege Escalation On All Linux Kernels

Posted by timothy on from the uriah-deems-it-scary dept.

QuesarVII writes "Tavis Ormandy and Julien Tinnes have discovered a severe security flaw in all 2.4 and 2.6 kernels since 2001 on all architectures. 'Since it leads to the kernel executing code at NULL, the vulnerability is as trivial as it can get to exploit: an attacker can just put code in the first page that will get executed with kernel privileges.'"

6 of 595 comments (clear)

  1. Re:Security through Obscurity? by ammorais · · Score: 0, Flamebait

    I don't know what do you mean with Obscurity.
    For me obscurity is closed source code. It's to try to hide vulnerabilities from the public to argue that it's more safe.
    Obscurity for me definitely isn't posting a patch in the same day that the vulnerability is discovered.

  2. Re:I'm safe! by tenco · · Score: 1, Flamebait

    (...) Ubuntu (...) more stable (...) more stable (...)

    FAIL.

  3. Re:Security through Obscurity? by PopeRatzo · · Score: 1, Flamebait

    I don't know what do you mean with Obscurity.

    Since there seems to be some confusion, let me help:

    From Webster:"shrouded in or hidden by darkness c : not clearly seen or easily distinguished : faint 2 : not readily understood or clearly expressed"

    Obscurity for me definitely isn't posting a patch in the same day that the vulnerability is discovered.

    We only know that Tavis Ormandy and Julien Tinnes discovered it the day before the patch came out. Hackers, who by definition operate in obscurity, may have known about it earlier. The fact that Travis and Julien found it after eight years pretty much means that the flaw existed in obscurity.

    We hope.

    --
    You are welcome on my lawn.
  4. Re:Security through Obscurity? by alexborges · · Score: 0, Flamebait

    How can they all be rootkitted if its a local root exploit, not a remote one.

    --
    NO SIG
  5. Re:It's from April? Really? by alexborges · · Score: 0, Flamebait

    Ah...

    How the hell can you mod if youre posting? Do you keep an extra account with modpoints somewhere or get help from friends? Wow, pretty sophisticated.

    Or do we have a bitch ass whiner account now @ /. to report "offensive" posts? It would be a crappy day for me if this was the case.

    And no. You like to tag me as a fanboi because of what I said. Here:
    Oh...

    So it was disclosed the 11th of august and linus has a patch today, HUH? GOOD THING: QUICK PATCH

    There are YEAR OLD bugs with this exact level of danger that microsoft simply has not patched and still refuses to patch. ABSOLUTE TRUTH TO ANYONE IN THE SECURITY INDUSTRY

    Fuck you, I love my os BECAUSE i know beforehand that it will be fixed in no time.... For this case, even you say im right

    Windows people are just plain stupid, really. I dont think YOU are a windows user, I pitty you if you are forced to be one.
     

    --
    NO SIG
  6. Re:pwned by toadlife · · Score: 0, Flamebait

    You were the one who made the original claim. Methinks it's you that should go to secunia and do the math.

    --
    I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.