Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: A Linux vulnerability  (Read 2525 times)

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5369
A Linux vulnerability
« on: October 22, 2016, 12:06:39 AM »


http://arstechnica.com/security/2016/10/most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit/

As with most Linux issues,  by the time it's reported, it's already been patched.   :)

But more worrying, and unusually, they are suggesting evidence that it had already been exploited in the wild.   :o
Logged

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: A Linux vulnerability
« Reply #1 on: October 22, 2016, 12:26:10 AM »

As you have now mentioned it, I am prepared to say that over the past two days (Thursday 20th and Friday 21st October) I have built five separate kernel package sets (which contain the patched code) for users of RHEL5, RHEL6 and RHEL7 (& thus the clones: Scientific Linux, CentOS).  :)

According to Linus Torvalds, the original flaw was patched eleven years ago but was then subsequently broken by further patches being applied to resolve problems in the architecture specific code for the s390.  ::)
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5369
Re: A Linux vulnerability
« Reply #2 on: October 22, 2016, 12:30:28 AM »

To be clear, the suggestion is that the kernel has been vulnerabe for the past nine years, regardless of what may have happened in the interval between nine and eleven years. :)
Logged