Announcement

Collapse
No announcement yet.

New Kernel Vulnerability Allows Local Root For Unprivileged Processes

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #1

    New Kernel Vulnerability Allows Local Root For Unprivileged Processes

    Phoronix: New Kernel Vulnerability Allows Local Root For Unprivileged Processes

    There is yet another new Linux kernel vulnerability being disclosed today that allows for unprivileged processes to gain kernel code execution abilities...

    http://www.phoronix.com/scan.php?pag...-CVE-2016-8655
    Tags: None
  • #2
    I just checked my own system. I already got the fix without even knowing it! So nice to have security updates set to "downaload and install automatically"
    • 1 like

    Comment

    • #3
      Stable kernel 4.8.12 is still vulnerable (released on 2016-12-02). WTF?

      Wow, the fix is not even in the stable queue yet: http://git.kernel.org/cgit/linux/ker...queue.git/log/
      Last edited by birdie; 12-06-2016, 10:08 PM.
      • 1 like

      Comment

      • #4
        Originally posted by birdie View Post
        Stable kernel 4.8.12 is still vulnerable (released on 2016-12-02). WTF?

        Wow, the fix is not even in the stable queue yet: http://git.kernel.org/cgit/linux/ker...queue.git/log/
        To be fair, the vast majority of people use "distro Kernels" and these backport security fixes that are independent from upstream Kernel from Kernel.org.
        • 3 likes

        Comment

        • #5
          This is getting ridiculous.

          Comment

          • #6
            Honestly. If you care about security you should be using Windows. There are lot of nerdy reasons to use linux, but security is not one of them.

            Comment

            • #7
              Originally posted by garegin View Post
              Honestly. If you care about security you should be using Windows. There are lot of nerdy reasons to use linux, but security is not one of them.
              Oh yes, you Are right! Microsoft has showed how they Care about security quite a lot in the past. Especially with their security patches coming only about 2 years late.
              • 6 likes

              Comment

              • #8
                Originally posted by garegin View Post
                Honestly. If you care about security you should be using Windows. There are lot of nerdy reasons to use linux, but security is not one of them.
                Honestly. You beat me to trolling this thread.
                • 6 likes

                Comment

                • #9
                  As this is a use after free issue, is this something that could have been prevented simply by using Rust instead?
                  Safe Rust would catch it, but in a kernel code like this might have to be wrapped in unsafe blocks anyway?

                  Comment

                  • #10
                    Originally posted by garegin View Post
                    Honestly. If you care about security you should be using Linux. There are lot of gaming reasons to use Windows, but security is not one of them.
                    fixed.

                    • 7 likes

                    Comment

                    Previous 1 2 3 4 5 template Next
                    Working...
                    X