Language Selection

English French German Italian Portuguese Spanish

Major Linux security hole found

Filed under
Linux
Security

Security, the experts like to tell us, is a process, not a product.

With open source that can be a very good thing since when security problems are found they can be fixed quickly. That's the case over this last weekend, Feb. 9-10, when a security problem was found, and given a hot fix, in the 2.6.17 to the most recent production Linux kernel, 2.6.24.1.

The problem's exploit was first shown on the security site Milw0rm. The specific trouble is with the kernel system call sys_vmsplice. There is no perfect patch for the problem at this time. There is, however, a hot fix, which prevents if from being exploited in at least some systems.

More Here

Also:

There has been a set of stable kernel releases (2.6.22.18, 2.6.23.16, and 2.6.24.2), all of which fix the recently disclosed splice() security hole. This vulnerability is an easy root exploit on any of the affected systems (almost every kernel from 2.6.17 on), so applying the fix would be a good thing to do.

Stable and unstable kernel releases




More in Tux Machines

Back in stock: a ThinkPenguin router that respects your freedom

This is the first home wifi router on the planet that you can go out and purchase that ships only with software that respects your freedom: libreCMC, a distribution of GNU/Linux recently endorsed by the FSF. This is awesome and you should replace your proprietary software-based wireless router at home with one of these! I've personally been using one at home for a few weeks now and I love it. I even made an unboxing video for you so you can see how simple it is to set-up. Read more

Android projector offers 400 lumens on battery power

AAXA’s Android-based M4 is claimed as “the world’s brightest battery powered projector,” with 400 lumens running on battery power, or 800 lumens plugged-in. AAXA Technologies offers a wide variety of projection systems, including a recent Android-based LED Pico Projector selling for $499. The LE Pico received a “Good” rating earlier this week from PCMag, which lauded the 550-lumen projector for its image quality, but dinged it for its poor video quality. Read more

Calligra Gemini Added to Calligra Suite

About a year ago, the Calligra community added a new application to the suite by the name of Krita Gemini, which combined the functionality of the Krita digital painting application with the touch optimised user interface of the tablet focused Krita Sketch, into a shell with the ability to switch between the two at runtime. The goal was to create a responsive user interface for Krita, and this is now a part of Calligra. In May of this year, Intel approached the team which produced Krita Gemini with the idea of doing the same for other parts of Calligra, by creating an application which would encapsulate the Words and Stage components in the same way as Krita Gemini did for the Krita component. Read more

The Great Paradox: On Windows 10 and Innovation

Talk about the paradoxes of life! I woke up today and saw this article mentioning "3 cool features" of Windows 10. Of course the are cool. But they are neither "new" nor "Windows features" at all. The author and I agree on one point: With Windows 10, Windows is becoming more and more like Linux. Read more Also: Testing upcoming versions: Mageia 5 and Windows 10