Linux Kernel Patch Issued

[CommanderFrank]

Linux finally issued a patch for ‘privilege-escalation vulnerability’ discovered in 2005. It was stressed that the patch be installed as soon as possible.

The memory-corruption bug stems from two memory regions of the X server that grow in the opposite directions in the address space, an attribute inherited from the x86 architecture designed by Intel. Attackers can force the two regions to collide, causing critical control data to be replaced with values that allow the X server to be hijacked

 

[Troz]

But...but..Linux is so much more secure than Windows!

trollface.jpg

 

[Gorankar]

But...but..Linux is so much more secure than Windows!

trollface.jpg

It was a local user exploit. And to be both fair and frank, anyone with a bit of knowledge and physical access to a machine equals a compromised machine regardless of OS.

 

[Ultima99]

Five years to patch it eh?

Boy I sure don't see the same haters that jump on MS when they take FAR FAR less time to patch something.

 

[srangara]

Intel's fault.

 

[brucedeluxe169]

lol yes, because there have been *so many* linux worms/viruses over the years....

i had a feeling that the anti-apple trolling had hit the tipping point and that a new target was about to be picked, so i'm guessing linux it is now

*flame on!*

 

[phide]

Probably a dumb question, but how are kernel patches propagated to users? Is this an automatic process in a major distribution like Ubuntu?

 

[phide]

Boy I sure don't see the same haters that jump on MS when they take FAR FAR less time to patch something.

Microsoft's quarterly revenue is in the tens of billions. Given this fact, I think it's not unreasonable to assume that there are slight differences in terms of the expectations of timely patches between Linux and Windows.

 

[evileye]

Microsoft's quarterly revenue is in the tens of billions. Given this fact, I think it's not unreasonable to assume that there are slight differences in terms of the expectations of timely patches between Linux and Windows.

True, but talking to some numbnuts on the internet you'd think that a company trying to make money is always morally wrong.

 

[devil22]

lol yes, because there have been *so many* linux worms/viruses over the years....

i had a feeling that the anti-apple trolling had hit the tipping point and that a new target was about to be picked, so i'm guessing linux it is now

*flame on!*

Well why don't you tell us exactly why it is linux has so few worms/viruses? I mean, since MS enabled the firewall by default in XP SP2, Windows hasn't had any fast infection worms, and the rest of the garbage it gets infected with is due to market share (90% vs 1%) and noob users (soccer moms and solitaire playing/emailing grandmas vs. super hackers.) What you do is like saying "antartica doesn't have the crime problem the rest of the world has..." and then leave out how sucky and miserable it is to live there and how so few people live there, etc..

 

[dyzophoria]

shouldn't the patch be taken care of sooner?, I was thinking that because of the Open source concept where everyone can see the code, taking care of bugs and exploits fast should be the most advantage Linux has over a closed source (AKA MS) OS.

 

[W.Feather]

Intel's fault.

this was my 1st though when i read the excerpt....

 

[Gorankar]

shouldn't the patch be taken care of sooner?, I was thinking that because of the Open source concept where everyone can see the code, taking care of bugs and exploits fast should be the most advantage Linux has over a closed source (AKA MS) OS.

Yes, it should have been fixed years ago, but it was still a local user exploit. It required local access or another exploit to be found to use in conjunction with it. If someone with skills and malicious intent has physical access to the machine, the battle is already lost anyway.

I am hardly a fan of Nix theses days. Since Vista, I have had little use for it myself, but this is much ado about noting imho.

Well, I suppose, since the nix community did spend so much time talking shit about MS security that they kind of have it coming.

 

[devil22]

Yes, it should have been fixed years ago, but it was still a local user exploit. It required local access or another exploit to be found to use in conjunction with it. If someone with skills and malicious intent has physical access to the machine, the battle is already lost anyway.
...

Well, it shouldn't require physical access to the machine. A flash exploit in the browser would get the attacker in, then this flaw would get the attacker root access, so it's not quite harmless, but no it's not the end of the world either.

 

[devil22]

Oh excuse me GORANKAR, you said 'another exploit could be used' I must have glossed over that.

 

[conholster]

Last paragraph in TFA states Suse fixed this bug in 2004.

 

[Magnus]

True, but talking to some numbnuts on the internet you'd think that a company trying to make money is always morally wrong.

It's not making a profit that's 'morally wrong," it's how most companies (corporations) go about making one.

 

[brucedeluxe169]

Well why don't you tell us exactly why it is linux has so few worms/viruses? I mean, since MS enabled the firewall by default in XP SP2, Windows hasn't had any fast infection worms, and the rest of the garbage it gets infected with is due to market share (90% vs 1%) and noob users (soccer moms and solitaire playing/emailing grandmas vs. super hackers.) What you do is like saying "antartica doesn't have the crime problem the rest of the world has..." and then leave out how sucky and miserable it is to live there and how so few people live there, etc..

hmm, i must have been mistaken, i thought android just recently became the #1 selling smartphone OS....