Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: A Linux vulnerability  (Read 422 times)

sevenlayermuddle

  • Helpful
  • Kitizen
  • *
  • Posts: 3099
A Linux vulnerability
« on: October 22, 2016, 12:06:39 AM »


http://arstechnica.com/security/2016/10/most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit/

As with most Linux issues,  by the time it's reported, it's already been patched.   :)

But more worrying, and unusually, they are suggesting evidence that it had already been exploited in the wild.   :o
Logged

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 18793
  • Over the Rainbow
    • The ELRepo Project
Re: A Linux vulnerability
« Reply #1 on: October 22, 2016, 12:26:10 AM »

As you have now mentioned it, I am prepared to say that over the past two days (Thursday 20th and Friday 21st October) I have built five separate kernel package sets (which contain the patched code) for users of RHEL5, RHEL6 and RHEL7 (& thus the clones: Scientific Linux, CentOS).  :)

According to Linus Torvalds, the original flaw was patched eleven years ago but was then subsequently broken by further patches being applied to resolve problems in the architecture specific code for the s390.  ::)
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

sevenlayermuddle

  • Helpful
  • Kitizen
  • *
  • Posts: 3099
Re: A Linux vulnerability
« Reply #2 on: October 22, 2016, 12:30:28 AM »

To be clear, the suggestion is that the kernel has been vulnerabe for the past nine years, regardless of what may have happened in the interval between nine and eleven years. :)
Logged