Announcement

Collapse
No announcement yet.

New Kernel Vulnerability Allows Local Root For Unprivileged Processes

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #1

    New Kernel Vulnerability Allows Local Root For Unprivileged Processes

    Phoronix: New Kernel Vulnerability Allows Local Root For Unprivileged Processes

    There is yet another new Linux kernel vulnerability being disclosed today that allows for unprivileged processes to gain kernel code execution abilities...

    New Kernel Vulnerability Allows Local Root For Unprivileged Processes - Phoronix
    http://www.phoronix.com/scan.php?page=news_item&px=Linux-Kernel-CVE-2016-8655
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    I just checked my own system. I already got the fix without even knowing it! So nice to have security updates set to "downaload and install automatically"
    • Likes 1

    Comment

    • #3
      Stable kernel 4.8.12 is still vulnerable (released on 2016-12-02). WTF?

      Wow, the fix is not even in the stable queue yet: http://git.kernel.org/cgit/linux/ker...queue.git/log/
      Last edited by birdie; 06 December 2016, 10:08 PM.
      • Likes 1

      Comment

      • #4
        Originally posted by birdie View Post
        Stable kernel 4.8.12 is still vulnerable (released on 2016-12-02). WTF?

        Wow, the fix is not even in the stable queue yet: http://git.kernel.org/cgit/linux/ker...queue.git/log/
        To be fair, the vast majority of people use "distro Kernels" and these backport security fixes that are independent from upstream Kernel from Kernel.org.
        • Likes 3

        Comment

        • #5
          This is getting ridiculous.

          Comment

          • #6
            Honestly. If you care about security you should be using Windows. There are lot of nerdy reasons to use linux, but security is not one of them.

            Comment

            • #7
              Originally posted by garegin View Post
              Honestly. If you care about security you should be using Windows. There are lot of nerdy reasons to use linux, but security is not one of them.
              Oh yes, you Are right! Microsoft has showed how they Care about security quite a lot in the past. Especially with their security patches coming only about 2 years late.
              • Likes 6

              Comment

              • #8
                Originally posted by garegin View Post
                Honestly. If you care about security you should be using Windows. There are lot of nerdy reasons to use linux, but security is not one of them.
                Honestly. You beat me to trolling this thread.
                • Likes 6

                Comment

                • #9
                  As this is a use after free issue, is this something that could have been prevented simply by using Rust instead?
                  Safe Rust would catch it, but in a kernel code like this might have to be wrapped in unsafe blocks anyway?

                  Comment

                  • #10
                    Originally posted by garegin View Post
                    Honestly. If you care about security you should be using Linux. There are lot of gaming reasons to use Windows, but security is not one of them.
                    fixed.

                    • Likes 7

                    Comment

                    Previous 1 2 3 4 5 template Next
                    Working...
                    X