Slashdot Mirror


Linux X.org Critical Security Flaw Silently Patched

eldavojohn writes "On June 17th, the X.org team was notified by Invisible Things Lab of a critical security flaw (PDF) that affected both x86_32 and x86_64 platforms. The flaw deals with escalated privileges of a user process that has access to the X server. The founder of ITL said of the flaw, 'The attack allows a (unprivileged) user process that has access to the X server (so, any GUI application) to unconditionally escalate to root (but again, it doesn't take advantage of any bug in the X server!). In other words: any GUI application (think e.g. sandboxed PDF viewer), if compromised (e.g. via malicious PDF document) can bypass all the Linux fancy security mechanisms, and escalate to root, and compromise the whole system.' This has apparently been a security flaw since kernel 2.6 was released. From the article, 'On 13 August, Linus Torvalds committed an initial fix, but several patches were added afterward for various reasons. The problem has been addressed in versions 2.6.27.52, 2.6.32.19, 2.6.34.4 and 2.6.35.2 of the kernel.'"

7 of 259 comments

  1. Re:How much more 'silent' was than other bugs? by psbrogna (Score: 0, Troll)

    Isn't that what "New Media" means; sensational?

  2. Re:How much more 'silent' was than other bugs? by stagg (Score: 0, Troll)

    Isn't that what "New Media" means; sensational?

    We require more Google hits!

  3. Re:Convenient by drsmithy (Score: 0, Troll)

    Oh god they're countless.

    List 10.

  4. Re:Convenient by blueg3 (Score: 0, Troll)

    Xorg is part of the Linux kernel?

  5. Re:Convenient by Alex+Belits (Score: 0, Troll)

    1. All compromises of Linux shell servers ARE privilege elevation -- because every intruder starts from having a valid local account on it.

    2. A privilege elevation on a Windows server would not even be an exploit because Windows server does not run untrusted content -- if you have an account on hosted Windows server that can install things, you are its administrator already, so there is nothing to exploit.

    3. Windows desktops suffer from privilege escalation exploits all the time. So would any system that would provide remotely accessible shell accounts on Windows server.

    4. You are still pretending that anything you have observed has something to do with remote exploits, quality of maintenance, and other irrelevant and stupid statements that you made and I have ignored.

    --
    Contrary to the popular belief, there indeed is no God.

  6. Re:Convenient by Alex+Belits (Score: 0, Troll)

    Are you for real? A non-customer would not have a local account.

    Have you ever seen a shell server compromised by a non-customer? You are talking about your shitty little ISP experience, not some theoretical possibility, right?

    Why are you still arguing Linux vs. Windows? My post has never had anything specific to Windows vs. Linux and you'd know that if you bothered to read before responding.

    Don't even try that shit. Your most prominent statement was the claim that you have observed that Linux servers were compromised more often than Windows server. You backed it with fallacies, spin and your experience that -- if it was true or relevant in the first place -- is in no way applicable for any comparison.

    If you want to discuss your most idiotic (though less prominent) claim that one has to be "vigilant" to run Linux servers in a secure manner (as opposed to merely implementing well-known sane policies and apply updates when they are released), you are welcome to do it after renouncing your claims of having demonstrated it with your shitty experience running shell servers.

    --
    Contrary to the popular belief, there indeed is no God.

  7. Re:Convenient by Alex+Belits (Score: 0, Troll)

    Yes I have.

    Describe one.

    Must be nice to live in a world where the only possibilities are the ones you believe.

    Extraordinary claims are supposed to be supported by something other than "you are not open-minded enough".

    No my most prominent statement was "in my experience" and then I went on to convey that experience.

    Your "experience", how you described it, contradicts your own claims. The rest is irrelevant.

    You want to ignore all that and pretend that I said "Windows is more secure than Linux" or "Windows is easier to maintain than Linux".

    No, you claimed that all operating systems are equally insecure. This is false.

    PS: "...to merely implementing well-known sane policies and apply updates when they are released..." is being vigilant about security. A home user that ignores updates is not being "vigilant" about security.

    "Vigilant" means actively and constantly applying some nontrivial effort. Not calling root shell with input from CGI, or running an auto-update procedure every day is not "vigilant". Backing up all data from VMWare hosts, sifting for exploits, reimaging compromised VMWare instances of Windows and restoring sanitized data back to them is "vigilant".

    --
    Contrary to the popular belief, there indeed is no God.