The Flat Earth Society
Other Discussion Boards => Technology & Information => Topic started by: xasop on January 20, 2016, 02:20:15 AM
-
Linux version 3.8 and newer, which accounts for most modern desktop and server Linux systems, as well as most Android devices, is subject to a local privilege escalation attack.
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
I don't have time to write a lot now (I'm posting from my phone at work), but basically this allows any untrusted application to gain full administrative permissions. There are situations which make this bug more difficult to exploit, but as the consequences are dire, you should patch any systems you maintain which are affected.
In case you missed it before: This affects Android, at least most recent devices (from the past couple of years or so). If you have an Android device and you see a software update available, install it now!
Edit: In case anyone was wondering, we're not vulnerable. The server hosting this forum is running a kernel too old to be affected.
-
running a kernel too old to be affected.
Ah, yes, the Unisys strategy.
-
I'm running kernel version 3.4 on my phone. Thanks for the heads up!
-
And this is why Apple is so paranoid with iOS. Never works though. '"iOS 9 has no root!" he reads as looks at MTerminal on iOS 9.0.2'
The problem with this is that Android users are aware of the fact that their device is a computer and is therefore vulnerable to attacks. Apple users are led to believe iOS is exploit proof. When was the last time Android could be completely exposed by one website?
</rant>
-
When was the last time Android could be completely exposed by one website?
</rant>
ummm... Last November.
http://www.pcmag.com/article2/0,2817,2495136,00.asp
-
Ah, sorry. Didn't hear about that.