Language Selection

English French German Italian Portuguese Spanish

Linux Vendors Rush to Patch Privilege Escalation Flaw After Root Exploits Emerge

Filed under
Linux

Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system.

The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to the "/proc/
/mem" file.

Linus Torvalds submitted a patch on the official Linux kernel repository on Jan. 17, but before Linux vendors had a chance to apply it for their distributions, proof-of-concept exploit code already appeared online.

rest here




More in Tux Machines

Do Your Prefer Modern Or Traditional Linux Desktop Environments?

So what kind of Linux desktop environments do you prefer? Do you prefer the modern desktop environments with maybe less flexibility but perhaps better desktop integration and slightly more intuitive or do you like things more traditional with menus and panels? Maybe you don't care so long as you can make it the way you want it. Let me know in the comments below. Read more

illume OS 3 Linux Distro Officially Released, Based on Debian 8.1 "Jessie"

Clarence Siew was very proud Softpedia earlier today, July 4, about the immediate availability for download of the final version of his illume OS 3 distribution based on Debian GNU/Linux. Read more

LibreOffice 5, a foundation for the future

The release of the next major version of LibreOffice, the 5.0, is approaching fast. In several ways this is an unique release and I’d like to explain a bit why. Read more

Samsung Continues to Lessen Android Dependence

Samsung's partnership with members of the Linux Foundation appears to be bearing fruit. The partnership's mobile operating system -- dubbed Tizen -- is Linux-based. Samsung's initial Tizen phone rollout was rocky: The company's highly anticipated Samsung Z launch in Russia was quickly canceled last year, and the company blamed concerns about the ecosystem for the delay. Unfortunately, in many cases, ecosystem development presents a "chicken and egg" problem: Developers won't build apps until you have users, and users won't select your product until you have apps. Read more