topic title: kernel
Posts: 70
bbwf
Joined: 19 May 2013
#1
Something I just came across that gave me the willies


The bug affects any kernel version between 2.6.37 and 3.8.9 that was compiled using the PERF_EVENTS option; apparently, this is the case with many distributions. Which exact distributions are affected will hopefully soon become clear when the relevant security updates are released. Linux security expert Brad Spengler has released a detailed exploit analysis.




========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://www.linuxsecurity.com/content/view/159412/169/"
linktext was:"http://www.linuxsecurity.com/content/view/159412/169/"
====================================
Posts: 1,308
BitJam
Joined: 31 Aug 2009
#2
Thanks for posting this information.


========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://arighi.blogspot.com/2013/05/linux-perfevents-root-exploit-cve-2013.html"
linktext was:"This article"
====================================
links to two different solutions. One involves rebuilding the kernel. The other only requires a new kernel module which can be used as a stop-gap until a rebuilt kernel is available.