Linux Kernel Exploit Busily Rooting 64-Bit Machines

An anonymous reader writes "Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a 'rebootless' version of the patch."

Re:*Yawn* Local Root Exploit

[IICV]

Heh, I think you don't quite understand what "local access" means.

It means that the user has an account on the machine, which may be used remotely. It doesn't mean that they have physical access to the computer.

Local user accounts are generally considered to only be a short step up from actual physical access in terms of how big your vulnerability surface is. College students have been proving for years that once you give someone a local user account, you've almost certainly given them root access at some point in the future.

Re:Oh Noes

[LinuxAndLube]

Are you ready to put your money where your mouth is? I set up a Windows server and you have 24 hours to remotely root it. If you succeed, I give you 1000 USD. If not, you give me 1000 USD.