Slashdot Mirror

← Back to Stories (view on slashdot.org)

Local Privilege Escalation On All Linux Kernels

Posted by timothy on Thursday August 13, 2009 @08:54AM from the uriah-deems-it-scary dept.

QuesarVII writes "Tavis Ormandy and Julien Tinnes have discovered a severe security flaw in all 2.4 and 2.6 kernels since 2001 on all architectures. 'Since it leads to the kernel executing code at NULL, the vulnerability is as trivial as it can get to exploit: an attacker can just put code in the first page that will get executed with kernel privileges.'"

1 of 595 comments (clear)

Min score:

Reason:

Sort:

Re:pwned by Vu1turEMaN · 2009-08-13 10:08 · Score: 1, Offtopic

I wonder which is more secure....Windows Server 2003 fully patched but no configuration changes, or a fully patched XP with about 20 of the really troublesome services disabled.