Language Selection

English French German Italian Portuguese Spanish

A Tale of Two Root Exploits, and Why We Shouldn't Panic

Filed under
Security

There's no denying Linux is more secure than perpetually-patching Windows, but the past month or so has not provided an ideal demonstration.

In August, we saw the arrival of a long-overdue fix for a kernel bug that was six years old; now, in the last week or so, it's been not one but two root exploits causing a fuss.

"Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this," was the introduction on Slashdot to CVE-2010-3081, the second such vulnerability to come to light in recent days.

Preceding it by just a few of those days, of course, was CVE-2010-3301, which had actually been discovered and fixed back in 2007 before the patch was inexplicably removed again the very next year, reintroducing the vulnerability.

Put it all together, and you'll see why more than a few Linux bloggers have been scratching their heads about security.

A Matter of Size?




More in Tux Machines

Q4OS 1.2 final

We are proud to announce the immediate availability of the new Q4OS 1.2 release, codenamed 'Orion', supported until 1st May 2020 at least. Read more Also: Q4OS 1.2 Arrives with the Trinity Desktop Environment, Based on Debian 8.0 Jessie

Debian 8 Jessie Is an LTS Release, Supported for the Next 5 Years

The Debian Project had the pleasure of announcing the general availability of the Debian GNU/Linux 8.0.0 (codename Jessie) computer operating system on April 25, 2015, which will be an LTS (Long Term Support) version supported with security patches and software updates until year 2020. Read more

Mageia 5 RC is Out: A Quick Test Drive

The general experience was that of working with the same system I have (Mageia 4). No crashes, no weird slow-downs, no problems with multiple wallpapers, as Megatotoro reports here Plasma 5 is showing... aside from the missing IME, I felt like at home. Read more

Debian 9.0 (Stretch) Already Planned, First Point Release for Debian 8.0 in a Month

A new stable Debian release has been made available to the community, and the developers are already talking about the first point release for the 8.0 branch, which should arrive in about a month. Read more