Page 1 of 1
latest kernel exploit musings
Posted: Tue Feb 12, 2008 3:37 am
by jnash2001
I was running Fedora 8 on one of my machines when this latest local root exploit came out and I decided to try it out.
Sure enough it worked as advertised. I tried another variation and that worked too.
So I was thinking if somebody out there started to distribute copies of a program using the exploit, and used it to install some kind of spyware.
Has anybody know of a real example?
P.S. Fedora has released a patched kernel for this vulnerability: 2.6.23.15-137.fc8
Re: latest kernel exploit musings
Posted: Tue Feb 12, 2008 9:13 am
by dann
I have never heard of this happening but theoretically it is possible. The problem, though, is that Linux apps are under such scrutiny that it would not take long if something like this got out in the wild to be tracked down. Furthermore, due to the nature of the community such a person providing said corrupted file would be at the very least excommunicated and hounded to every corner of the web.
Re: latest kernel exploit musings
Posted: Tue Feb 12, 2008 10:02 am
by Tsuroerusu
jnash2001 wrote:P.S. Fedora has released a patched kernel for this vulnerability: 2.6.23.15-137.fc8
Unlike a certain north-western american company, who would have waited over a month for the planets and their monthly update schedule to align!
Re: latest kernel exploit musings
Posted: Tue Feb 12, 2008 2:57 pm
by jnash2001
dann wrote:I have never heard of this happening but theoretically it is possible. The problem, though, is that Linux apps are under such scrutiny that it would not take long if something like this got out in the wild to be tracked down. Furthermore, due to the nature of the community such a person providing said corrupted file would be at the very least excommunicated and hounded to every corner of the web.
Of course if it is an application without source code available that would be more difficult.
Sort of like what happened with the Sony DRM rootkit.