Local Root Hole in Linux Kernels 503
xepsilon writes "A local Linux security hole using ptrace has been discovered that allows a potential attacker to gain root privileges. Linux 2.2.25 has been released to correct this security hole, along with a patch for 2.4.20-pre kernels. 2.4.21 ought to contain this fix, once it is released. 2.5 is not believed to be vulnerable to this security hole. See this email from Alan Cox for details, and a patch."
A bug!?!?11 (Score:0, Funny)
How is Microsoft responsible? (Score:5, Funny)
Got Root? (Score:5, Funny)
It's Tuesday (Score:5, Funny)
(looks at watch) its monday again... time to go patch my IIS
(looks at watch) its tuesday again... time to go patch linux.
Re:Got Root? (Score:5, Funny)
This has to be erroneus. (Score:0, Funny)
Re:Got Root? (Score:3, Funny)
Love the headline (Score:4, Funny)
I think I saw this in an advertisement for granola.
mmmm... breakfasty
Hole Found in Linux Server (Score:5, Funny)
IT'S IN ENGLISH!!! (Score:5, Funny)
BTW: If you haven't read, or tried to read, Alan's blog you won't get the joke.
Hrm (Score:4, Funny)
Ah well
Re:How is Microsoft responsible? (Score:5, Funny)
Re:Huh (Score:4, Funny)
Re:This has to be erroneus.(aehm erroneous) (Score:1, Funny)
it should be erroneous.
Or was that on purpose? That`d be funny.
Huh? (Score:0, Funny)
Re:How is Microsoft responsible? (Score:5, Funny)
"Because they're there."
On the other hand, in the words of Voltaire:
"If Microsoft didn't exist it would be necessary to invent them."
However, regarding the current kernel situation I think my deeply missed old granny put it best:
"Oh fuck."
KFG
Re:Kernel Patches (Score:2, Funny)
Ummmmm, Ghostbusters?
KFG
Re:It's Tuesday (Score:3, Funny)
Re:Known exploits? (Score:3, Funny)
local users to obtain full privileges. Remote exploitation of this hole is
not possible. Linux 2.5 is not believed to be vulnerable.
It isn't a remote exploit. Anyone who is foolish enough to attempt to h4X0r your b0X0rz with this vulnerability is within the normal attack range of a LART [bofh.net].
Please, do patch any affected machines you have as soon as possible, but don't *ahem* panic.
Soko
Re:IT'S IN ENGLISH!!! (Score:3, Funny)
Come one grow up! Anybody that knows about st. paddy uses it as an excuse to get smashed on a monday!
In the meantime... (Score:5, Funny)
Huh? (Score:3, Funny)
Re:No need to panic... (Score:5, Funny)
I run a box with no ethernet connection, no keyboard and no monitor.
When I want to be *extra* careful, I run it without the powercord.
Re:Huh? (Score:3, Funny)
Linux has security problems? I've been reading this site for so long, I thought that was only in Microsoft's domain.
We do want to make Windows users feel at home as they migrate to a Linux desktop. We don't expect 'em to go cold turkey right away.
Re:This has to be erroneus. (Score:3, Funny)
Its bugs from code Billy-boy wrote under a pseudonym
Re:How is Microsoft responsible? (Score:5, Funny)
No, Microsoft has a bulletproof way to prevent privilege escalations. They simply make sure the attacker gets all privileges at once, then there is nothing to escalate.
Tux is Welsh!!! (Score:5, Funny)
Tux, the beloved Linux mascot is Welsh!
It's true! Tux is a penguin..
Penguin is derived from two Welsh words: Pen (head) and Gwynn (white)...
So (besides Alan) there is another link between Wales and Linux.
(That, and I've tripled your knowledge of the Welsh language
Re:I'm not going to patch. (Score:4, Funny)
Well, I, ahhh....
Shut up!
Would someone please mod my previous post down as "fingers faster than brain"?
Thank you.
Re:Got Root? (Score:5, Funny)
I believe you mean "#:)"
Re:This has to be erroneus. (Score:3, Funny)
Re:Tux is Welsh!!! (Score:3, Funny)
Kinky
And the obligatory.. (Score:2, Funny)
Re:A bug!?!?11 (Score:3, Funny)