Bug In Most Linuxes Can Give Untrusted Users Root

Red Midnight and other readers brought to our attention a bug in most deployed versions of Linux that could result in untrusted users getting root access. The bug was found by Brad Spengler last month. "The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution... doesn't properly implement that protection... The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap_min_addr feature. ... [Spengler] said many other Linux users are also vulnerable because they run older versions or are forced to turn off [mmap_min_addr] to run certain types of applications." The register reprints a dialog from the OpenBSD-misc mailing list in which Theo De Raadt says, "For the record, this particular problem was resolved in OpenBSD a while back, in 2008. We are not super proud of the solution, but it is what seems best faced with a stupid Intel architectural choice. However, it seems that everyone else is slowly coming around to the same solution."

Re:obvious troll is obvious.

[Waffle+Iron]

Actually, I was not trolling. Put simply, if this EXACT BUG was discovered in Windows, OS persons would be jumping about like grass-hoppers that THIS could never happen in OS software.

As pointed out elsewhere on these threads, most Linux versions already prevent this bug through a kernel memory map setting. However, WINE, which needs to run things in a Windows-compatible way, doesn't work with that setting, so it's turned off, and people with WINE installed remain vulnerable.

So in a way, this *is* a bug with Windows.