Language Selection

English French German Italian Portuguese Spanish

Bug in latest Linux gives untrusted users root access

Filed under
Linux
Security

A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.

The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.

What's more, many administrators are forced to disable the feature so their systems can run developer tools or desktop environments such as Wine.

The vulnerability was first reported by Spengler, a developer at grsecurity, a maker of applications that enhance the security of Linux. On October 22, he wrote a proof of concept attack for the local root exploit. Over the past few months, he has emerged as an outspoken critic of security practices followed by the team responsible for the Linux kernel.

Rest Here




More in Tux Machines

Latest Ubuntu Touch SDK Updates Focus on Convergence Features for OTA-6

On the last day of July 2015, Canonical's Zoltán Balogh posted an important email on the Ubuntu Touch mailing list, informing us all about the work done lately on the Ubuntu SDK (Software Development Kit) software. Read more

Wifislax 4.11.1 Linux Distro Arrives with Linux Kernel 4.1.3 LTS, Xfce 4.12.3

The developers of the popular Wifislax Linux distribution based on the well-known Slackware operating system and built around the KDE and Xfce desktop environments announced the release of Wifislax 4.11.1. Read more

5 Best Linux Desktop Environments With Pros & Cons


Picture

If you are new to Linux then I'm sure you are giving up lots of time choosing Desktop Environment of your Linux Distribution. You are probably thinking to give a try to each one of them but that's very time consuming. Edit - There are other good DEs also That's why I'm reviewing the 5 Best Linux Desktop Environments with the pros & cons. The article gives you what you should know for choosing a DE. So let's get started!

Redis open source DBMS overview

Redis runs on Linux. Although the Redis project doesn't directly support Windows, Microsoft Open Technologies develops and maintains a Windows port targeting Win64. The Redis open source DBMS is available as a BSD license. The Redis community offers support through the official mailing list as well as #redis on Freenode. Commercial support is available through Pivotal, the official sponsor of Redis. Pivotal offers two levels of professional support. Read more