Language Selection

English French German Italian Portuguese Spanish

A Tale of Two Root Exploits, and Why We Shouldn't Panic

Filed under
Security

There's no denying Linux is more secure than perpetually-patching Windows, but the past month or so has not provided an ideal demonstration.

In August, we saw the arrival of a long-overdue fix for a kernel bug that was six years old; now, in the last week or so, it's been not one but two root exploits causing a fuss.

"Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this," was the introduction on Slashdot to CVE-2010-3081, the second such vulnerability to come to light in recent days.

Preceding it by just a few of those days, of course, was CVE-2010-3301, which had actually been discovered and fixed back in 2007 before the patch was inexplicably removed again the very next year, reintroducing the vulnerability.

Put it all together, and you'll see why more than a few Linux bloggers have been scratching their heads about security.

A Matter of Size?




More in Tux Machines

This Custom Android-x86 Build Puts Android 7.1.1 on Your PC, with Linux 4.11 RC7

GNU/Linux developer Arne Exton was happy to announce the release of a new build of his custom built Android-x86 project that lets uses runs the latest Android mobile operating system on their personal computers. Read more

Clear Linux Announces Intel Clear Containers 2.1.6 with Docker 17.04.0 Support

Clear Linux's Kent Helm was proud to announce the release and general availability of Intel Clear Containers 2.1.6, a maintenace update that promises to improve compatibility with recent Docker releases, but also adds various bug fixes. Read more

Nantes Métropole releases open source tool for LibreOffice transition

The French city of Nantes (Nantes Métropole) has released an open source tool used to schedule its migration to LibreOffice. The shift from commercial software to the free and open source LibreOffice productivity suite started in 2013 and is intended to save the administration EUR 260 000 per year. The transition was finalised in April 2016. Read more

Today in Techrights