User: Password:
|
|
Subscribe / Log in / New account

Local root vulnerability in the kernel

Local root vulnerability in the kernel

Posted May 15, 2013 23:22 UTC (Wed) by ewan (subscriber, #5533)
In reply to: Local root vulnerability in the kernel by nix
Parent article: Local root vulnerability in the kernel

"neither is going to happen unless you make some unusual changes to your system"

Er - what? This exploit works on RHEL 6 in its default configuration. It's not exactly the far reaches of exotica.


(Log in to post comments)

Local root vulnerability in the kernel

Posted May 21, 2013 14:33 UTC (Tue) by nix (subscriber, #2304) [Link]

RHEL6 has user namespaces turned on?! That's... riskier than I would have expected from RH. I boggle.

Local root vulnerability in the kernel

Posted May 21, 2013 20:32 UTC (Tue) by spender (subscriber, #23067) [Link]

You guys are talking past each other.

I mentioned (as an example) user namespaces as something new in the kernel that introduced significant vulnerability not present in earlier kernels.

Drag then commented about the vulnerability that the article is about (the perf events vuln) being as significant as an ext4 data corruption bug.

You then mentioned about how you wouldn't be hit by this vulnerability without extensive changes to your system. I believe you were referring to user namespaces here, but drag was referring to perf events. CONFIG_PERF_EVENT is forced on (why?) for anyone using X86.

Ewan then followed up saying basically what I just said in the above paragraph, referring to the exploit released that was mentioned in this article, but without explicitly mentioning perf events you still understood him to be talking about user namespaces.

All sorted now! :)

-Brad

Local root vulnerability in the kernel

Posted May 22, 2013 16:45 UTC (Wed) by nix (subscriber, #2304) [Link]

Yeah, I was firing at the wrong thing. Misread, drag and ewan and you are right.

One problem with the rather nice LWN Recent Comments thing is a lack of context, and it sometimes leaves you astray :)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds