Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zero-Day Flaw Found in 'Linux Kernel' leaves Millions Vulnerable


  • Please log in to reply
3 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,854 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:06:53 AM

Posted 19 January 2016 - 04:32 PM

 

A new critical zero-day vulnerability has been discovered in the Linux kernel that could allow attackers to gain root level privileges by running a malicious Android or Linux application on an affected device.
 
The critical Linux kernel flaw (CVE-2016-0728) has been identified by a group of researchers at a startup named Perception Point.
 
 
The vulnerability was present in the code since 2012, and affects any operating system with Linux kernel 3.8 and higher, so there are probably tens of millions of computers, both 32-bit and 64-bit, exposed to this flaw.
 
However, the most bothersome part is that the problem affects Android versions KitKat and higher, which means about 66 percent of all Android devices are also exposed to the serious Linux kernel flaw.
Zero-Day Flaw Found in 'Linux Kernel' leaves Millions Vulnerable

BC AdBot (Login to Remove)

 


#2 mremski

mremski

  • Members
  • 498 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NH
  • Local time:03:53 PM

Posted 19 January 2016 - 05:27 PM

Reading the little they wrote (CVE doesn't have much at all) it would require "local access", so on a desktop I'd be less concerned.  The Android part, that would be more concerning if you have a bunch of apps that you don't know the provenance of.


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer


#3 Guest_GNULINUX_*

Guest_GNULINUX_*

  • Guests
  • OFFLINE
  •  

Posted 19 January 2016 - 06:34 PM

Indeed, local access AND user account needed to get root access!

The problem is not all devices Linux get patched automatically.

Source: Kaspersky Lab

 

I think it's time they change policy @ Android and... Mint...   :notme:

 
Greets!

 



#4 mremski

mremski

  • Members
  • 498 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NH

Posted 20 January 2016 - 03:48 AM

The issues with phones is "who controls what".  For example, if you have a Verizon branded Android phone, Verizon controls the push of updates out.  If you get an unlocked phone, you have control over when it gets updated.

 

But a good example of how the onus of security really rests on the enduser more than anyone else.

 

I understand the disclosing of vulnerabilities is sometimes at odds with the vendors as to what info is provided, but sometimes a bit more is needed so I can make an intelligent decision.  Say a problem is found in Bind that only affects the authoritative server for a zone.  That's pretty important, but if I am not running a DNS server at all, I'm not inclined to update immediately because the threat is minimal to me.  If it affected DNS clients, then I'm going to update now.  Attack vectors are very important in evaluating the individual system risk.

 

I'm not trying to minimize anything, just everyone needs to understand what the CVE is saying and evaluate it against their systems.


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users