New Linux Kernel Vulnerability Exploited

Articles & Reviews
News Archive
Forums
Premium
Categories

Computers GPUs / Graphics Cards Linux Gaming Memory Motherboards CPUs / Processors Software Storage Operating Systems Peripherals

New Linux Kernel Vulnerability Exploited

Written by Michael Larabel in Linux Kernel on 15 May 2013 at 10:52 AM EDT. 59 Comments

Last month it was the X.Org Server with a noted security vulnerability and now this time around it's the Linux kernel.

There was a perf event vulnerability for the past several kernel releases until it was recently addressed with the perf events code not checking everything submitted from user-space. This issue existed from the Linux 2.6.37 kernel up through the Linux 3.8.8 kernel, plus was also back-ported to the Red Hat Enterprise Linux 2.6.32 kernel.

Making this issue now center-stage is that a zero-day exploit has been released. In about 100 lines of code it provides local privilege escalation on all affected kernels.

59 Comments

About The Author

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Linux Kernel News

Watch Out Upgrading To Linux 4.14 If You Use AppArmor

Linux Kernel Gets An "Enforcement Statement" To Deal With Copyright Trolls

Linux 4.14-rc5 Released

Linux 4.15 Is Shaping Up To be An Exciting Kernel, Especially For AMD Users

Etnaviv Landing Performance Counters For Linux 4.15

Raspberry Pi 7" Touch Panel, SiI9234 To Be Supported By Linux 4.15