Slashdot Mirror


5-Year-Old Critical Linux Vulnerability Patched (threatpost.com)

msm1267 quotes Kaspersky Lab's ThreatPost: A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip Pettersson, who said the vulnerable code was introduced in August 2011.

A patch was pushed to the mainline Linux kernel December 2, four days after it was privately disclosed. Pettersson has developed a proof-of-concept exploit specifically for Ubuntu distributions, but told Threatpost his attack could be ported to other distros with some changes. The vulnerability is a race condition that was discovered in the af_packet implementation in the Linux kernel, and Pettersson said that a local attacker could exploit the bug to gain kernel code execution from unprivileged processes. He said the bug cannot be exploited remotely.

"Basically it's a bait-and-switch," the researcher told Threatpost. "The bug allows you to trick the kernel into thinking it is working with one kind of object, while you actually switched it to another kind of object before it could react."

5 of 68 comments

  1. Hiding in the code for years?! by Anonymous Coward · Score: 0, Insightful

    I don't think so! As we all know, Linux users all look at the source code and understand every line of it and would have seen this issue as soon as it appeared.

    This is just more fake news and FUD to scare people away from Linux and FOSS in general.

  2. Bug discovered, 4 days later, patch released. by Anonymous Coward · Score: 5, Insightful

    The real story here is that 4 days after the vulnerability was made known to the devs, a patch was released.

  3. bug cannot be exploited remotely by Anonymous Coward · Score: 1, Insightful

    If an attacker is in the same room as your system, you're already pwnd.

    1. Re:bug cannot be exploited remotely by bill_mcgonigle · Score: 3, Insightful

      If an attacker is in the same room as your system, you're already pwnd.

      This bug can't be exploited remotely. Other bugs can, to get a local user shell, then you stack this one on top.

      They're all problems.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  4. Haha oh man the excuses by ArchieBunker · Score: 1, Insightful

    What happened to the "many eyes" argument? Oh yeah that died along with Heartbleed and the old SSL codebase.

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard