Local Root Hole in Linux Kernels

xepsilon writes "A local Linux security hole using ptrace has been discovered that allows a potential attacker to gain root privileges. Linux 2.2.25 has been released to correct this security hole, along with a patch for 2.4.20-pre kernels. 2.4.21 ought to contain this fix, once it is released. 2.5 is not believed to be vulnerable to this security hole. See this email from Alan Cox for details, and a patch."

A bug!?!?11

[Anonymous Coward]

... must be Microsoft's fault since it's posted on /.

How is Microsoft responsible?

[jmulvey]

With all the brainpower on /. I'm sure we can discover a way.

Got Root?

[FAngel]

Got Root?

It's Tuesday

[Anonymous Coward]

Journal Entries:

(looks at watch) its monday again... time to go patch my IIS

(looks at watch) its tuesday again... time to go patch linux.

Re:Got Root?

[Anonymous Cow herd]

I do now >:)

This has to be erroneus.

[Anonymous Coward]

After all, Linux is perfect, right? Linux has NO vulnerabilities. It's that OS from Bill that is buggy, right?

Re:Got Root?

[cyb97]

Just give me a minute ;-)

Love the headline

[L. VeGas]

Lo-Cal Root Hole in Linux Kernels

I think I saw this in an advertisement for granola.

mmmm... breakfasty

Hole Found in Linux Server

[ch-chuck]

(Server Room, DP) A hole was found in 'cypress', one of the principle Linux file, email and web servers of Brapco Corp early today. "We were dusting out around the back", said Mike Koyro, IT manager of Brapco, "and there it was, right by the power supply." The hole was quickly verified by other members of the IT dept as "really there". Speculation that it may be a screw hole was quickly dispelled when Frank, chief scripting officer, pointed out it didn't have any threads, and no screws were found loose anywhere nearby. "If someone got in here and drilled it during the night, they sure did a clean job - there's no shavings on the floor and the hole has no burrs" observed Mike. "It was either a professional job, with a sharp bit and machining oil, or a manufacturing defect". Calls to Linux Security were unanswered as of press time.

IT'S IN ENGLISH!!!

[strredwolf]

Haleulia and pass the green beer. It's not in Welsh.

BTW: If you haven't read, or tried to read, Alan's blog you won't get the joke.

Hrm

[B3ryllium]

I guess they were just trying to out-do the IIS hole [cert.org].

Ah well ... there's always "linux single" ... :)

Re:How is Microsoft responsible?

[lavalyn]

Microsoft would have a monopoly on privilege escalation exploits if not for Linux.

Re:Huh

[ageOfWWIV]

We're not patching, we're in denial.

Re:This has to be erroneus.(aehm erroneous)

[Anonymous Coward]

English is my second language, but I`m pretty sure
it should be erroneous.
Or was that on purpose? That`d be funny.

Huh?

[Anonymous Coward]

Linux has security problems? I've been reading this site for so long, I thought that was only in Microsoft's domain.

Re:How is Microsoft responsible?

[kfg]

I think the late George Mallory put it rather succinctly:

"Because they're there."

On the other hand, in the words of Voltaire:

"If Microsoft didn't exist it would be necessary to invent them."

However, regarding the current kernel situation I think my deeply missed old granny put it best:

"Oh fuck."

KFG

Re:Kernel Patches

[kfg]

Who's a sysadmin to trust?

Ummmmm, Ghostbusters?

KFG

Re:It's Tuesday

[charon_on_acheron]

Four day week, huh? Must be nice. :^P

Re:Known exploits?

[Soko]

The Linux 2.2 and Linux 2.4 kernels have a flaw in ptrace. This hole allows
local users to obtain full privileges. Remote exploitation of this hole is
not possible. Linux 2.5 is not believed to be vulnerable.

It isn't a remote exploit. Anyone who is foolish enough to attempt to h4X0r your b0X0rz with this vulnerability is within the normal attack range of a LART [bofh.net].

Please, do patch any affected machines you have as soon as possible, but don't *ahem* panic.

Soko

Re:IT'S IN ENGLISH!!!

[cyb97]

Like the welsh doesn't use any excuse to get drunk?
Come one grow up! Anybody that knows about st. paddy uses it as an excuse to get smashed on a monday!

In the meantime...

[TheSHAD0W]

Until the patch has been tested and distributed, you can prevent the bug from being exploited by locking the door to your office.

Huh?

[FireballFreddy]

St. Patrick's Day, a perfectly valid and socially acceptable excuse to get rip-roaring pissed, and you say it's *only* for the Irish? I'm sorry, please hand in your geek membership card. You aren't allowed to post here anymore.

Re:No need to panic...

[Christopher_G_Lewis]

I have absolutely no need to fear.

I run a box with no ethernet connection, no keyboard and no monitor.

When I want to be *extra* careful, I run it without the powercord. :-)

Re:Huh?

[vsprintf]

Linux has security problems? I've been reading this site for so long, I thought that was only in Microsoft's domain.

We do want to make Windows users feel at home as they migrate to a Linux desktop. We don't expect 'em to go cold turkey right away.

Re:This has to be erroneus.

[zebs]

After all, Linux is perfect, right? Linux has NO vulnerabilities. It's that OS from Bill that is buggy, right?

Its bugs from code Billy-boy wrote under a pseudonym

Re:How is Microsoft responsible?

[kasperd]

Microsoft would have a monopoly on privilege escalation exploits

No, Microsoft has a bulletproof way to prevent privilege escalations. They simply make sure the attacker gets all privileges at once, then there is nothing to escalate.

Tux is Welsh!!!

[schon]

I know "Cymru" means "Welsh" but that's about it.

Tux, the beloved Linux mascot is Welsh!

It's true! Tux is a penguin..

Penguin is derived from two Welsh words: Pen (head) and Gwynn (white)...

So (besides Alan) there is another link between Wales and Linux.

(That, and I've tripled your knowledge of the Welsh language :o)

Re:I'm not going to patch.

[gosand]

Have you considered the possibility of someone exploiting a non-root remote hole on your box and now having the ability to escalate themselves to root?

Well, I, ahhh....

Shut up!

Would someone please mod my previous post down as "fingers faster than brain"?
Thank you.

Re:Got Root?

[wirelessbuzzers]

I do now >:)

I believe you mean "#:)"

Re:This has to be erroneus.

[rusty spoon]

Yeah, that William H. Torvalds III has done a lot of damage with his weasly little kernel hacks, dammit.

Re:Tux is Welsh!!!

[Large Green Mallard]

So Alan's significant other Telsa Gwynne is half penguin?

Kinky :)

And the obligatory..

[mivok]

OpenBSD isnt vulnerable :P

Re:A bug!?!?11

[t0ny]

NOW linux is ready for the desktop