10.04 LTS kernel security problem?
George Patterson
george.patterson at gmail.com
Thu May 12 06:37:28 UTC 2011
A security guard might be more appropriate.
If an intruder is standing in front of the machine, then it could be game
over. DOS is as simple as pulling a plug, power or network will do.
Or pick up the machine and walk out the door. Key loggers?
It is easy to get caught up the electronic attacks when the physical attack
could be more devastating, at least short term.
Regards
George
On May 12, 2011 2:08 PM, "Ian Fleming" <iflema at yahoo.com.au> wrote:
> On Thursday, May 12, 2011 12:40:48 AM Ian Fleming wrote:
>> On Wednesday, May 11, 2011 11:11:38 PM David wrote:
>> > Hi folks,
>> >
>> > I clean-installed 10.04 LTS two days ago. In a computer mag I read
>> > something about Ubuntu (or Linux kernel) vulnerabilities for 10.04
being
>> > discovered recently. I may be remembering it wrong, but I thought the
>> > mag said that if you had kernel 2.6.35.25 then you are in the clear.
>> >
>> > When my 10.04 boots it shows the number as 'Linux 2.6.32.31-generic'.
>> >
>> > Straight after installing I had let Update Manager get the OS up to
>> > date. Am I in the clear, as far as these alleged vulnerabilities go? Or
>> > is there something else I have to do to 'get a newer kernel'?
>> >
>> > Thanks in advance,
>> >
>> > Dave
>>
>> hi Dave...
>>
>> Know security issues will be patched asap and that includes LTS releases.
>>
>> Ubuntu adds its own patches to the vanilla kernel and so maintains its
own
>> kernel to a certain extent.
>>
>> A list of known vulnerabilities for Ubuntu release can be found here:
>> http://www.ubuntu.com/usn/lucid/
>>
>> Its hard to answer your question without more information re the issue.
>>
>> There is a good chance that Ubuntu has a patch/update for it even though
>> the kernel version is lower than others.
>
> For Ubuntu linux-image-2.6.35-25-generic + covers what is mentioned in the
> article.
>
> Local exploit - meaning the attacker would need physical access to the
> machine.
>
> And there is not much to stop that... Encryption maybe?
>
> =)
>
> --
> ubuntu-au mailing list
> ubuntu-au at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-au/attachments/20110512/3e393d2c/attachment.html>
More information about the ubuntu-au
mailing list