Jump to content

New Linux bug gives root on all major distros, exploit released


Corrine
 Share

Recommended Posts

Corrine

Via Bleeping Computer at New Linux bug gives root on all major distros, exploit released:

 

Quote

A new Linux vulnerability known as 'Dirty Pipe' allows local users to gain root privileges through publicly available exploits.

Today, security researcher Max Kellermann responsibly disclosed the 'Dirty Pipe' vulnerability and stated that it affects Linux Kernel 5.8 and later versions, even on Android devices.

 

Additional information at the referenced article.

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

V.T. Eric Layton

My kernel is not that new. No worries for me... not that I was very worried, anyway. :)

  • Like 1
Link to comment
Share on other sites

Quote

"local users"

It's been said many times before, if someone has physical access to your machine, you're screwed anyway.

Nearly all sensational Chicken Little posts about Linux exploits have been in this vein lately. While I don't diminish that they may be of concern, it's often essentially clickbait.

  • Like 3
  • Agree 1
Link to comment
Share on other sites

4 hours ago, sunrat said:

It's been said many times before, if someone has physical access to your machine, you're screwed anyway.

Nearly all sensational Chicken Little posts about Linux exploits have been in this vein lately. While I don't diminish that they may be of concern, it's often essentially clickbait.

I agree and I've told the admin of most of our linux boxes not to fret about this - yet. 

The one thing that was mentioned that gives me slight worries is that as i saw mentioned this is so easy that it may increase the attempts and sophistication to get just the remote shell access needed to do the deed. but i'll wait for reports of such before worrying just about this bug.

Link to comment
Share on other sites

V.T. Eric Layton
17 hours ago, sunrat said:

It's been said many times before, if someone has physical access to your machine, you're screwed anyway.

 

That is quite true.

 

I can do "magic" with the thumb drive that's on my wallet chain. It has Porteus on it. With that little portable Linux, I can do MUCH damage to any system I plug into. A few times in the past, I've demonstrated this to folks who told me about how "hardened" their Windows (and a Linux or two) systems were. I sat down at their desks and had access to their "hardened" data in a matter of moments. If you REALLY want security on your physical system, you need have your drives/partitions encrypted... or keep your tower/laptop stored in a...

 

6136771_1_x.jpg?auto=webp&format=pjpg

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...