Slashdot Mirror

← Back to Stories (view on slashdot.org)

Local Privilege Escalation On All Linux Kernels

Posted by timothy on from the uriah-deems-it-scary dept.

QuesarVII writes "Tavis Ormandy and Julien Tinnes have discovered a severe security flaw in all 2.4 and 2.6 kernels since 2001 on all architectures. 'Since it leads to the kernel executing code at NULL, the vulnerability is as trivial as it can get to exploit: an attacker can just put code in the first page that will get executed with kernel privileges.'"

8 of 595 comments (clear)

  1. Ahh... by clone53421 · · Score: 5, Funny

    So that's what the NULL pointers were for.

    --
    Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  2. I'm safe! by Anonymous Coward · · Score: 5, Funny

    I use Windows!

  3. I can hear the OpenBSD users laughing already... by thenextstevejobs · · Score: 5, Funny

    Or I would be able to, if there were any

    --
    Long live the BSD license
  4. Re:I can hear the OpenBSD users laughing already.. by frn123 · · Score: 5, Funny

    Sure there are. And they are both laughing.

  5. Re:pwned by amicusNYCL · · Score: 5, Funny

    Aw, cheer up little guy. I thought it was a very nice comment.

    --
    "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
  6. "Many eyes", but all of them nearsighted? by Petersko · · Score: 5, Funny

    And from all across the globe came the sound of geeks crying, for they would soon see their beloved "uptime" reset to zero.

  7. Re:It's from April? Really? by Verdatum · · Score: 5, Funny

    Yeah, that was my fault. Sorry about that. I knew it was there, I just kept putting off fixing it or telling anyone.

  8. Re:pwned by beav007 · · Score: 5, Funny

    Of course, as this only affects 2.4 and 2.6, users of Debian stable should have no reason to worry.

    See? All that testing is worth it after all!