Announcement

Collapse
No announcement yet.

Linux kernel exploit! Is the world ending?

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Linux kernel exploit! Is the world ending?

    http://www.techworld.com.au/article/...xploits_emerge

    Before some fanboi sticks this in your eye as "proof" that Linux is "just as vulnerable as {other OS here}" remind them of one thing: This is a LOCAL exploit, which means that in order to use it the bad guy has to have physical access to your machine. If they have that then you have other security problems beside this one.
    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
    – John F. Kennedy, February 26, 1962.

    #2
    Reminds me of the first malware I got on a computer circa 1996. It came from an infected floppy disk. That was when I started my education on malware removal.

    Comment


      #3
      Was that on Win3.1 ?
      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
      – John F. Kennedy, February 26, 1962.

      Comment


        #4
        https://lists.ubuntu.com/mailman/lis...urity-announce
        --> https://lists.ubuntu.com/archives/ub...ry/thread.html

        Collective quote - 8.04 LTS, 10.04 LTS, 10.10, 11.04, 11.10
        A security issue affects these releases of Ubuntu and its derivatives:

        - Ubuntu 8.04 LTS, 10.04 LTS, 10.10, 11.04, 11.10

        Summary:

        Several security issues were fixed in the kernel.

        Update instructions:

        The problem can be corrected by updating your system to the following
        package versions:

        (to the latest kernel version)

        After a standard system update you need to reboot your computer to make
        all the necessary changes.

        ATTENTION: Due to an unavoidable ABI change the kernel updates have
        been given a new version number, which requires you to recompile and
        reinstall all third party kernel modules you might have installed. If
        you use linux-restricted-modules, you have to update that package as
        well to get modules which work with the new kernel version. Unless you
        manually uninstalled the standard kernel metapackages (e.g. linux-generic,
        linux-server, linux-powerpc), a standard system upgrade will automatically
        perform this as well.
        Last edited by OneLine; Jan 26, 2012, 11:22 AM.
        Have you tried ?

        - How to Ask a Question on the Internet and Get It Answered
        - How To Ask Questions The Smart Way

        Comment


          #5
          I can't remember if it was 3.1 or 95.

          Comment


            #6
            At least we just need to update our kernel to get rid of that local exploit. Otherwise I would get nuts if my box could also be vulnerable to freakish cybernetic attacks, too.

            BTW, glad to be back.
            Multibooting: Kubuntu Noble 24.04
            Before: Jammy 22.04, Focal 20.04, Precise 12.04 Xenial 16.04 and Bionic 18.04
            Win XP, 7 & 10 sadly
            Using Linux since June, 2008

            Comment


              #7
              Originally posted by kyonides View Post
              At least we just need to update our kernel to get rid of that local exploit. Otherwise I would get nuts if my box could also be vulnerable to freakish cybernetic attacks, too.

              BTW, glad to be back.
              And those kernel updates (precomiled!) are installed automatically as they become available. Life is good!

              Glad you are back!
              "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
              – John F. Kennedy, February 26, 1962.

              Comment


                #8
                During my time at Microsoft, there were times where people gloated over various statistics showing that, during some-month-or-other, there were more Linux security bugs than Windows. I remember thinking to myself, what a silly thing to count. Software is created by humans. Humans are imperfect. Therefore, software will be imperfect.

                At the risk of repeating myself, I wrote about this notion recently on the blog at my employer. I've often used the diagram there in presentations; I think it provides the right perspective. There's more to good security than counting vulnerabilities.

                Comment

                Working...
                X