Exploits Emerge For Linux Privilege Escalation Flaw

angry tapir writes "Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system. The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to the '/proc//mem' file."

Re:iOS now has more marketshare than Android

[tqk]

Pardon me, but I'm going to go watch Firefly now, as it appears none of you make any sense. Bye.

Re:Broken on Android too

[Abreu]

Wuh, I think so, Brain, but if we didn't have ears, we'd look like weasels

Re:Local exploit?

[BasilBrush]

so someone has to be sitting in front of the boxen to exploit the exploit, why not just init 1?

Or they could use axen to destroy the boxen. Or set some foxen on them to tear them to pieces. Or they could fill the boxen with melted waxen. Or bury them in faxen. This exploit is usable by people of both sexen, so long as they pay their taxen.

Re:Broken on Android too

[NeoMorphy]

Really? This bug was only present in kernel releases 2.6.39 and newer. Do any Android devices use kernel's based on a Linux this current? A quick search says Android 2.3. used 2.6.35 and 3.0 used 2.6.36 so the number of devices this might possibly help you root looks miniscule.

I am replying with my new Asus Transformer Prime, which is running ICS(Android version 4.03), kernel is 2.6.39.4.

I'm thinking this bug is God's way of saying "You are loved. Now go forth and exploit your tablet!"

Once again, Windows to the rescue.

Windows isn't affected by this attack. That shows how secure an OS made by professionals is. When you go with the Linux, one made by fly by night amateurs, you will get hacked.