Language Selection

English French German Italian Portuguese Spanish

Major Linux security hole found

Filed under
Linux
Security

Security, the experts like to tell us, is a process, not a product.

With open source that can be a very good thing since when security problems are found they can be fixed quickly. That's the case over this last weekend, Feb. 9-10, when a security problem was found, and given a hot fix, in the 2.6.17 to the most recent production Linux kernel, 2.6.24.1.

The problem's exploit was first shown on the security site Milw0rm. The specific trouble is with the kernel system call sys_vmsplice. There is no perfect patch for the problem at this time. There is, however, a hot fix, which prevents if from being exploited in at least some systems.

More Here

Also:

There has been a set of stable kernel releases (2.6.22.18, 2.6.23.16, and 2.6.24.2), all of which fix the recently disclosed splice() security hole. This vulnerability is an easy root exploit on any of the affected systems (almost every kernel from 2.6.17 on), so applying the fix would be a good thing to do.

Stable and unstable kernel releases




More in Tux Machines

Bazel: Google Build Tool is now Open Source

Bazel, the tool that Google uses to build the majority of its software has been partially open sourced. According to Google, Bazel is aimed to build “code quickly and reliably” and is “critical to Google’s ability to continue to scale its software development practices as the company grows.” Read more Also: Q&A: Databases, Open Source & Virtualisation with CEO Vinay Joosery

Ubuntu Kylin 15.04 Beta 2 Is Now Available for Download - Screenshot Tour

After announcing the Ubuntu 15.04 Final Beta and Kubuntu 15.04 Beta 2, it is now time to take a look at the second and last Beta release of the upcoming Ubuntu Kylin 15.04 (Vivid Vervet) operating system that has been designed especially for the Chinese Ubuntu Linux community. Read more Also: Ubuntu MATE 15.04 (Vivid Vervet) Beta 2 Switches to Systemd - Screenshot Tour Ubuntu 15.04 (Vivid Vervet) Final Beta Officially Released - Screenshot Tour

Kubuntu 15.04 Beta 2 Released with KDE Plasma 5 as Default Desktop - Screenshot Tour

Today’s announcement for Ubuntu 15.04 (Vivid Vervet) Final Beta also mentioned the immediate availability for download and testing of Kubuntu 15.04 Beta 2, an official Ubuntu flavor built around the modern and attractive KDE Plasma 5 desktop environment, as well as the KDE Applications project. Read more Also: Xubuntu 15.04 Beta 2 Released, Offers a Neat Xfce 4.12 Experience - Screenshot Tour

today's leftovers