Language Selection

English French German Italian Portuguese Spanish

Major Linux security hole found

Filed under
Linux
Security

Security, the experts like to tell us, is a process, not a product.

With open source that can be a very good thing since when security problems are found they can be fixed quickly. That's the case over this last weekend, Feb. 9-10, when a security problem was found, and given a hot fix, in the 2.6.17 to the most recent production Linux kernel, 2.6.24.1.

The problem's exploit was first shown on the security site Milw0rm. The specific trouble is with the kernel system call sys_vmsplice. There is no perfect patch for the problem at this time. There is, however, a hot fix, which prevents if from being exploited in at least some systems.

More Here

Also:

There has been a set of stable kernel releases (2.6.22.18, 2.6.23.16, and 2.6.24.2), all of which fix the recently disclosed splice() security hole. This vulnerability is an easy root exploit on any of the affected systems (almost every kernel from 2.6.17 on), so applying the fix would be a good thing to do.

Stable and unstable kernel releases




More in Tux Machines

Weston's IVI Shell Sees New Version

There hasn't been much in the way of exciting Wayland/Weston developments to report on this month, but its development is continuing in its usual manner. Out today is another version of the Weston IVI Shell as it still works to being accepted upstream. The weston-ivi-shell is a reference shell for Wayland's Weston compositor running on In-Vehicle Infotainment (IVI) systems. The Weston-IVI work dates back many months and today's revision to the shell marks its eighth public version as it still seeks to be accepted into mainline Weston. Read more

Python 3 Support Added To The GNOME Shell

The GNOME Shell 3.15.2 release fixes some visual glitching, improves the layout of the extension installation dialog, supports the CSS margin property, and offers other bug fixes and minor enhancements. Most notable to GNOME Shell 3.15.2 though is there's finally Python 3 support. Many GNOME components have long ported their Python 2 code to Python 3 while GNOME Shell's Python support has just received the Py3 treatment. Details on GNOME's overall Python 3 porting work can be found via this Wiki page. Read more

Clonezilla Live 2.3.1-15 Now Available with Check for 32-bit Libraries

Clonezilla Live is a Linux distribution based on DRBL, Partclone, and udpcast that lets users perform bare metal backup and recovery with ease. The developers have just upgraded the system and it's now at version 2.3.1-15. Read more

Workaround Found for Annoying Workspace Switcher Bug in Ubuntu 14.10

The virtual desktops on Ubuntu systems have been working very well in the last few editions, but it looks like there is a problem in Ubuntu 14.10, at least for the system I'm running. The desktop locks up with the workspace switcher activated. Read more