Kernel security flaw??
bsilver at chrononomicon.com
Sun Feb 24 22:40:59 UTC 2008
Karl Larsen wrote:
> geoffrey froner wrote:
>> I saw the following report at the Gentoo site. Not being an expert with
>> Linux, I am at a loss to understand the impact. Is this something Ubuntu
>> users need be concerned? Is there already a patch for this problem?
>> "Two *major security flaws in the Linux kernel* were reported last weekend.
>> Both flaws have the same impact (*root access for local users*) and both
>> exist within the vmsplice() system call, which was added to the kernel in
>> 2.6.17. There is no configuration option to exclude vmsplice() so *everyone
>> is vulnerable."
> Well this is a problem since if someone can get on your computer
> they can ruin it. I know from experience that a simple user password can
> be used by a ssh user to get access to my computer. Now my password for
> user karl is not simple.
> If you have a simple password for your user login, change it to a
> good one like wq2TyFg.
WTF?! How'd you get my password?!
From the sounds of it, it's a local user exploit; basically, if you
have other users on your system you should be concerned, and if someone
employs an exploit for another application to get local access then uses
this one they can gain root access to your system (i.e., take advantage
of Apache to break your web server, then this exploit to gain root,
you're in trouble.)
More information about the ubuntu-users