Help - Search - Members - Calendar
Full Version: Critical Kernel Vulnerability
Linuxhelp > Support > Technical Support
I don't normally do this in tech support .... but there is a kernel issue that allows a local user to gain root privs on the computer, and it affects all standard linux kernels 2.2.0 - 2.2.25, 2.4.0 - 2.4.24, 2.6.0 - 2.6.2 ...(ie virtually all current Linux kernels except 2.4.25 and 2.6.3) ... something similar lead the the break ins on the server machines earlier...

So if someone can get regular user access on your machine ... without the updates, they can also get root.

There is an entry already in the Security Advisories section on this issue....and how to fix it for many Distros....
Very scary stuff, thanks for the post, I wasn't aware of this until I read your post. This may lead to some people bashing linux for not being as secure as other operating systems, but I think this goes to show how quickly vulnerabilities get out there, and how quick the kernel team are to patching these problems. Providing system admins read potential vulnerabilities and patch their systems, this shouldn't be much of an issue.
Linux is more secure (by far) than windows ...

heck, the latest virus for windows (w32.beagle.j@mm) opens a trojan directly and writes to registry areas that only admins should be able to as a non admin user. It was found on 3/2/04 ... The virus definitions from 2/18/04 (2 weeks before it was found) would prevent it from infecting your PC ... and already (in 6 days) several thousands of computers are infected with the virus ... allowing complete access to admin functions by anyone who can scan for open port 2745....

Install the patches and be safe ... and this is a major issue, but it pales in comparison to something that opens a direct port in with admin level access.
Quick question. How do you check to see which version of the kernel you are using?
uname -r
There wouldn't happen to be some quick and painless way to use apt-get to patch a kernel, would there be? XD

Last time I tried to switch to 2.6.3 kernel (downloaded the source) by following a guide (On this site I think), I was unable to do so (some problems, don't remember what).

No offense, but it is true in a sense that linux is less secure out of the box than windows (And windows has a nifty Windows automatic update feature). I'm sure linux is more secure if you've spent days securing it, but for home users, it seems that windows is safer. smile.gif
Windows is very unsecure in the default setup ... all versions except XP have no firewall (and XP's isn't turned on by default). Meaning that without buying other software (like ZoneAlarm), people can connect to your port 135/139 and read any shares you have. On the server side, Worms like CodeRed II and Nimda will connect to an unpatched IIS server and install a trojan during normal operations ... and then your IIS server will start infecting other IIS servers.

When you put Office and outlook in the mix, if you have the preview feature turned on for e-mail, scripts can execute without you actually opening your e-mail and if you don't have the latest anti-virus software installed with the latest patches.

Internet Explorer all the time has vulnerabilites that all trojans to be run by just visiting an infected site.

Since there is no default firewall, all anyone has to do is scan for the open windows trojans ... take control of the PCs, then use them for doing DDos attacks, for forwarding spam, etc. Comcast is turning off people's cable who are infected with trojans until they get them cleand to try and cut back on the SPAM that is unknowingly sent out on it's cable network.

Contrast that with a linux setup, that defaults with iptables on, and you have to specifically allow ports in or turn off the firewall before anyone can connect to your PC from the outside.

Windows is much easier to use (for the average home user) than Linux, it certainly has more software and hardware support from third parties .... and Windows Update is easier to use than most Linux update methods ... I will give you that. It is not very secure, however.
You can use dselect in debian to get a new kernel ... you want to first do:

apt-get update


dselect update



Deselect is menu driven ... go to select and then:

You want to pick a kernel-image that is right for your machine ... if you use the / key, you can then type kernel-image ... then just use / and press enter to find the same thing (kernel image).

Do you use grub as you boot loader or lilo ...

*backs away slowly* Fair enough then. happy.gif Thanks

Oh, I use lilo (sorry for late reply)

Hey ... not only is your ATI video working ... you now have a 2.4.25 slackware kernel (which makes you not vulnerable to this problem) ... at least on that machine smile.gif

And it's all thanks to me. *darts eyes around before cackling crazily*

Thanks for the help on that, btw. happy.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2018 Invision Power Services, Inc.