Slashdot Mirror

← Back to Stories (view on slashdot.org)

Local Privilege Escalation On All Linux Kernels

Posted by timothy on from the uriah-deems-it-scary dept.

QuesarVII writes "Tavis Ormandy and Julien Tinnes have discovered a severe security flaw in all 2.4 and 2.6 kernels since 2001 on all architectures. 'Since it leads to the kernel executing code at NULL, the vulnerability is as trivial as it can get to exploit: an attacker can just put code in the first page that will get executed with kernel privileges.'"

3 of 595 comments (clear)

  1. Re:pwned by lukas84 · · Score: 1, Troll

    What's your point?

  2. Re:Security through Obscurity? by alexborges · · Score: 1, Troll

    Yes...

    Do YOU know how many undiscovered bugs are in windows?

    NO!

    Because hell, YOU CANT KNOW what you dont have access to. Linux, at least, can be checked and rechecked and sooner or later someone will find the bug.

    In the case of windows, perhaps even now there are tremendous remote root exploits that are being actively used that you dont know about. And if those follow the trends of virii or other exploit info that is available, its probably a number of undisclosed exploits like 100000 larger than all you could find in Linux.

    --
    NO SIG
  3. Re:pwned by alexborges · · Score: 1, Troll

    No no, not run-of-the-mill: ive hated microsoft for a big while and still find it very, very fun to let people know how this company could'nt care less for the security of their customer's information.

    I like to talk about it specially since MS has contracted some good PR firms to come into slashdot to attempt some trolling that is always easy to spot.

    --
    NO SIG