Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux X.org Critical Security Flaw Silently Patched

Posted by CmdrTaco on from the pay-no-attention dept.

eldavojohn writes "On June 17th, the X.org team was notified by Invisible Things Lab of a critical security flaw (PDF) that affected both x86_32 and x86_64 platforms. The flaw deals with escalated privileges of a user process that has access to the X server. The founder of ITL said of the flaw, 'The attack allows a (unpriviliged) user process that has access to the X server (so, any GUI application) to unconditionally escalate to root (but again, it doesn't take advantage of any bug in the X server!). In other words: any GUI application (think e.g. sandboxed PDF viewer), if compromised (e.g. via malicious PDF document) can bypass all the Linux fancy security mechanisms, and escalate to root, and compromise the whole system.' This has apparently been a security flaw since kernel 2.6 was released. From the article, 'On 13 August, Linus Torvalds committed an initial fix, but several patches were added afterward for various reasons. The problem has been addressed in versions 2.6.27.52, 2.6.32.19, 2.6.34.4 and 2.6.35.2 of the kernel.'"

4 of 259 comments (clear)

  1. How much more 'silent' was than other bugs? by master_p · · Score: 4, Insightful

    Do the Linux developers put a news announcement out every time there is a bug and they forgot about it this time?

    Isn't it a little sensational to imply that Linus and the other people didn't want this bug to be known because they fear Linux will be characterized as buggy?

    1. Re:How much more 'silent' was than other bugs? by stagg · · Score: 4, Insightful

      I'd rather hear about a flaw like this after the fact frankly. I don't think an unpatched exploit needs the kind of publicity that /. would get it.

  2. Is this news? by mspohr · · Score: 4, Insightful
    Isn't this the way it's supposed to work?

    1. Bug found, responsible parties notified

    2. Bug fixed and software updated

    3. We are protected from potential future attacks. (Profit!)

    Was there an actual attack? No.

    --
    I don't read your sig. Why are you reading mine?
  3. Re:Convenient by NNKK · · Score: 4, Insightful

    Do you honestly think that Microsoft would do nothing if there was a non-patched privilege escalation exploit in Windows?

    What rock have you been living under?