Language Selection

English French German Italian Portuguese Spanish

A Tale of Two Root Exploits, and Why We Shouldn't Panic

Filed under
Security

There's no denying Linux is more secure than perpetually-patching Windows, but the past month or so has not provided an ideal demonstration.

In August, we saw the arrival of a long-overdue fix for a kernel bug that was six years old; now, in the last week or so, it's been not one but two root exploits causing a fuss.

"Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this," was the introduction on Slashdot to CVE-2010-3081, the second such vulnerability to come to light in recent days.

Preceding it by just a few of those days, of course, was CVE-2010-3301, which had actually been discovered and fixed back in 2007 before the patch was inexplicably removed again the very next year, reintroducing the vulnerability.

Put it all together, and you'll see why more than a few Linux bloggers have been scratching their heads about security.

A Matter of Size?




More in Tux Machines

COM and Pico-ITX dev kit run Linux on dual-core Cortex-A7

iWave has launched a rugged, SODIMM-style COM and Pico-ITX form factor carrier board that run Linux on the Renesas dual-core, Cortex-A7 RZ/G1E SoC. In January, iWave launched the iW-RainboW-G20M-Qseven computer-on-module, built around the dual-core 1.5GHz Cortex-A15 based Renesas RZ/G1M and RZ/G1N SoCs. Now the company has followed up with a 67.6 x 37mm, SODIMM form factor “iW-RainboW-G22M-SM” COM that runs Linux 3.10.31 on the dual-core Cortex-A7 based RZ/G1E SoC from the same RZ/G series SoCs. Read more

today's leftovers