Slashdot Mirror


5-Year-Old Linux Kernel Bug Fixed

rastos1 sends in a report about a significant bug fix for the Linux kernel (CVE-2014-0196). "The memory-corruption vulnerability, which was introduced in version 2.6.31-rc3, released no later than 2009, allows unprivileged users to crash or execute malicious code on vulnerable systems, according to the notes accompanying proof-of-concept code available here. The flaw resides in the n_tty_write function controlling the Linux pseudo tty device. 'This is the first serious privilege escalation vulnerability since the perf_events issue (CVE-2013-2049) in April 2013 that is potentially reliably exploitable, is not architecture or configuration dependent, and affects a wide range of Linux kernels (since 2.6.31),' Dan Rosenberg, a senior security researcher at Azimuth Security, told Ars in an e-mail. 'A bug this serious only comes out once every couple years.' ... While the vulnerability can be exploited only by someone with an existing account, the requirement may not be hard to satisfy in hosting facilities that provide shared servers, Rosenberg said."

2 of 127 comments

  1. Re:This is the problem with Linux Security by Anonymous Coward · Score: 2, Informative

    There's no such thing as "GIT report" mentioned anywhere here, only GIT commits and they're too recent...

    Did you mean CVE? CVE reservation dates don't correspond with the bug discovery date - for example, the CVE numbered one less than this one is not even created yet, but it lists the same "20131203" reservation date.

  2. Re:This is the problem with Linux Security by kwbauer · Score: 1, Informative

    Fact: FOSS proponents extremely frequently in the past claimed that OSS was security issue free because of all the review of the code that was happening.
    Fact: The code shipped 5 years ago according to the story.
    Fact: The story is about a security issue that shipped.

    Therefore, pointing out that the proponents of FOSS are full of shit because a bug shipped is not off-topic for a story about a bug shipping in open-source software.

    I was simply posting that the argument about when the bug was first reported is irrelevant as the OSS claim is that all bugs are found and fixed before ever shipping.