Corrine Posted March 7, 2022 Share Posted March 7, 2022 Via Bleeping Computer at New Linux bug gives root on all major distros, exploit released: Quote A new Linux vulnerability known as 'Dirty Pipe' allows local users to gain root privileges through publicly available exploits. Today, security researcher Max Kellermann responsibly disclosed the 'Dirty Pipe' vulnerability and stated that it affects Linux Kernel 5.8 and later versions, even on Android devices. Additional information at the referenced article. 1 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted March 8, 2022 Share Posted March 8, 2022 My kernel is not that new. No worries for me... not that I was very worried, anyway. 1 Quote Link to comment Share on other sites More sharing options...
sunrat Posted March 8, 2022 Share Posted March 8, 2022 Quote "local users" It's been said many times before, if someone has physical access to your machine, you're screwed anyway. Nearly all sensational Chicken Little posts about Linux exploits have been in this vein lately. While I don't diminish that they may be of concern, it's often essentially clickbait. 3 1 Quote Link to comment Share on other sites More sharing options...
crp Posted March 9, 2022 Share Posted March 9, 2022 4 hours ago, sunrat said: It's been said many times before, if someone has physical access to your machine, you're screwed anyway. Nearly all sensational Chicken Little posts about Linux exploits have been in this vein lately. While I don't diminish that they may be of concern, it's often essentially clickbait. I agree and I've told the admin of most of our linux boxes not to fret about this - yet. The one thing that was mentioned that gives me slight worries is that as i saw mentioned this is so easy that it may increase the attempts and sophistication to get just the remote shell access needed to do the deed. but i'll wait for reports of such before worrying just about this bug. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted March 9, 2022 Share Posted March 9, 2022 17 hours ago, sunrat said: It's been said many times before, if someone has physical access to your machine, you're screwed anyway. That is quite true. I can do "magic" with the thumb drive that's on my wallet chain. It has Porteus on it. With that little portable Linux, I can do MUCH damage to any system I plug into. A few times in the past, I've demonstrated this to folks who told me about how "hardened" their Windows (and a Linux or two) systems were. I sat down at their desks and had access to their "hardened" data in a matter of moments. If you REALLY want security on your physical system, you need have your drives/partitions encrypted... or keep your tower/laptop stored in a... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.