RDS Protocol Bug Creates a Linux Kernel Hole, Now Fixed

Trailrunner7 writes "The open-source Linux operating system contains a serious security flaw that can be exploited to gain superuser rights on a target system. The vulnerability, in the Linux implementation of the Reliable Datagram Sockets (RDS) protocol, affects unpatched versions of the Linux kernel, starting from 2.6.30, where the RDS protocol was first included." The article goes on to say, though, that "Linux installations are only vulnerable if the CONFIG_RDS kernel configuration option is set, and if there are no restrictions on unprivileged users loading packet family modules, as is the case on most stock distributions," and that Linus Torvalds has committed a fix.

Linux again?!

How come Slashdot never has any news about Apple or Google? /duck

Re:Linux again?!

Because they are too busy making up excuses for why Linux has all these security issues despite the claim that it's InherentlySecure(TM).

Exasperated Linus

[BadAnalogyGuy]

It must piss him off to no end when people add broken features like this to his operating system.

If it were MS, it would be months later

[Maarek]

Until the fix was sent out to everyone. Even though Apple and MS people find something like this with Linux, the issue is immediately fixed and distributed overnight rather then waiting for a committee from Microsoft to fix the problem months from now.

Re:NOW FIXED =/= FIX NOW AVAILABLE

[MichaelKristopeit+13]

git doesn't run itself, moron.

ur mum's face don't know how git works

Re:NOW FIXED =/= FIX NOW AVAILABLE

[MichaelKristopeit+24]

no one said the bug wasn't fixed... the story title implies the "linux kernel hole" was fixed, when it clearly wasn't. any kernels compiled WHILE THE BUG WAS NOT FIXED are not fixed until the fix is applied.

you're an idiot.

why do you cower? what are you afraid of?