Linux Kernel Exploit Busily Rooting 64-Bit Machines
An anonymous reader writes "Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a 'rebootless' version of the patch."
Heh, I think you don't quite understand what "local access" means.
It means that the user has an account on the machine, which may be used remotely. It doesn't mean that they have physical access to the computer.
Local user accounts are generally considered to only be a short step up from actual physical access in terms of how big your vulnerability surface is. College students have been proving for years that once you give someone a local user account, you've almost certainly given them root access at some point in the future.
Where do you get those numbers?
Going to 64 bit means your instructions will be 64 bit, which means doubling the cache mem usage.
Depending on how the OS/app uses the cache you may even find a slowdown in performance.
From a performance point of view, if you don't really need 64 bits (probably most users will be fine with 4GB RAM in the next years) stay at 32 bits.
If you're wondering if I'm willing to burn up all my established good reputation to buy the reader the chance to read my parent comment, the answer is yes.
Now the question is how many mod points have you got?
Help stamp out iliturcy.
Sometimes I wish /. moderation was trackable.
Help stamp out iliturcy.
Are you ready to put your money where your mouth is? I set up a Windows server and you have 24 hours to remotely root it. If you succeed, I give you 1000 USD. If not, you give me 1000 USD.