Security Leftovers
-
How Bad Is Dirty COW?
-
Unpatched Linux exploit grants instant full access to other users
-
Dirty COW was Livepatched in Ubuntu within Hours of Publication
If you haven't heard about last week's Dirty COW vulnerability, I hope all of your Linux systems are automatically patching themselves...
Why? Because every single Linux-based phone, router, modem, tablet, desktop, PC, server, virtual machine, and absolutely everything in between -- including all versions of Ubuntu since 2007 -- was vulnerable to this face-palming critical security vulnerability.
Any non-root local user of a vulnerable system can easily exploit the vulnerability and become the root user in a matter of a few seconds. Watch...
-
Canonical Livepatch Service Automatically Updates Ubuntu 16.04 LTS (and later) with the Latest Kernel without Rebooting
-
Dirty COW and clean commit messages
-
Linux kernel CVE-2016-5195 "Dirty COW" mitigated by Sandstorm
-
Flexera Software Acquires Software Composition Analysis Provider, Palamida
Flexera Software, the leading provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises, today announced that it has acquired Palamida, provider of Software Composition Analysis solutions. The financial terms of the acquisition have not been disclosed.
-
Flexera Software Acquires Open Source Application Security Provider, Palamida
-
Vulnerability Spotlight: LibTIFF Issues Lead To Code Execution
-
Short DNS Record TTL And Centralization Are Serious Risks For The Internet
-
Distrusting New WoSign and StartCom Certificates
- Login or register to post comments
- Printer-friendly version
- 11809 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Dirty Cow hype
"According to Phil Oester and his quote on V3, its quality as an exploit is outstanding: “The exploit in the wild is trivial to execute, never fails and has probably been around for years – the version I obtained was compiled with gcc 4.8,” and he continued on to stress the related hazards: “An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.”
The key word continually being ignored in the above statement is LOCAL user. This horrible danger only exists if the bad guy has hands on access to your computer. Not to mention that the patch is in, update your kernels and this mostly non-problem completely disappears.