Unprivileged attackers can gain root privileges by exploiting a local privilege escalation (LPE) vulnerability in default configurations of the Linux Kernel's filesystem layer on vulnerable devices.
@DeathByDenim
link
fedilink
1510M

I like how this requires creating so many nested directories that the total file path length exceeds 1 GB. That’s nuts!

@Ripuli
link
fedilink
710M

So my hidden porn folder is a security issue?

kazutrash
link
fedilink
410M

the only way to know it is doing a pen test.

@AgreeableLandscape
mod
admin
link
fedilink
9
edit-2
10M

Genuinely wondering why are so many system 0wning vulnerabilities being discovered this year? Not sure if this says something about security researchers stepping up their game or software security getting worse at the development level.

Helix
link
fedilink
710M

A few months ago, the University of Minnesota got themselves banned for submitting faulty patches to the Kernel.

Maybe security researchers currently focus on more security-related bugs which aren’t obvious at all, maybe it’s just a statistical accumulation of critical patches. Critical vulnerabilities get much more press nowadays and the researchers make up fancy names and webpages for their bugs.

In my opinion, it’s just a coincidence that you notice more of those vulnerabilities this year.

@lorabe
link
fedilink
510M

Maybe it’s not a mistake… remember, when windows developers find a bug, they first report it to the american agencies before patching it.

@spytfyre
link
fedilink
210M

If I’m not mistaken this bug was present in the kernel for years and to be honest was extremely subtle in the first place

systemd is a gift that keeps on giving

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

  • 0 users online
  • 7 users / day
  • 49 users / week
  • 111 users / month
  • 528 users / 6 months
  • 5.34K subscribers
  • 2.13K Posts
  • 6.94K Comments
  • Modlog