More information: http://www.h-online.com/open/news/item/Exploit-for-local-Linux-kernel-bug-in-circulation-Update-1863892.html
On Sat, May 18, 2013 at 3:18 PM, Petr Bena <benap...@gmail.com> wrote: > so far I found the problem with perf_events where exploit-containing > binary can elevate permissions of regular user to root. This is indeed > a big issue, but it seems to affect only systems with kernel newer > than 2.6.36 and only these where this feature is enabled. Also it > seems to me that only systems where untrusted users have shell access > are affected by this since it require local execution of exploit. > > But thanks for information, despite it doesn't seem to require urgent > patch on systems with older kernel or any system where untrusted users > have no shell access (such as webservers) I will consider updating my > servers as well asap > > On Sat, May 18, 2013 at 11:47 AM, Happy Melon > <happy.melon.w...@gmail.com> wrote: >> On 17 May 2013 23:26, Petr Bena <benap...@gmail.com> wrote: >> >>> hey, could you point me to that security patch? I am curious as I am >>> myself running bunch of linux boxes >>> >> >> +1 >> _______________________________________________ >> Wikitech-l mailing list >> Wikitech-l@lists.wikimedia.org >> https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l