Kernel vulnerabilities discovered in Ubuntu
Summary: Kernel vulnerabilities have been uncovered across a range of Ubuntu releases, covering 6.06 LTS to 9.10, also including Kubuntu, Edubuntu, and Xubuntu distros.
I just know other outlets will eventually pick up on this and add nonsense and subtract the facts at their own leisure, so I thought it worthwhile to get in early.
A kernel vulnerabilities have been uncovered across a range of Ubuntu releases, covering 6.06 LTS to 9.10, also including Kubuntu, Edubuntu, and Xubuntu distros.
Here's the key facts, with a key phrase highlighted:
Mathias Krause discovered that the Linux kernel did not correctly handle missing ELF interpreters. A local attacker could exploit this to cause the system to crash, leading to a denial of service. (CVE-2010-0307)Marcelo Tosatti discovered that the Linux kernel's hardware virtualization did not correctly handle reading the /dev/port special device. A local attacker in a guest operating system could issue a specific read that would cause the host system to crash, leading to a denial of service. (CVE-2010-0309)
Sebastian Krahmer discovered that the Linux kernel did not correctly handle netlink connector messages. A local attacker could exploit this to consume kernel memory, leading to a denial of service. (CVE-2010-0410)
Ramon de Carvalho Valle discovered that the Linux kernel did not correctly validate certain memory migration calls. A local attacker could exploit this to read arbitrary kernel memory or cause a system crash, leading to a denial of service. (CVE-2010-0415)
Jermome Marchand and Mikael Pettersson discovered that the Linux kernel did not correctly handle certain futex operations. A local attacker could exploit this to cause a system crash, leading to a denial of service. (CVE-2010-0622, CVE-2010-0623)
Key phrase: "a local attacker" ... these exploits cannot be leveraged remotely, meaning the sky isn't falling it on Linux users.
Updates are available for affected distros.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Good Job Adrian!
Yes I was curious what those updates were all about the other day...
In other news, windows users getting malware infections from zip files in facebook password-changing email requests.
http://www.reuters.com/article/idUSTRE62G5A420100318
When will they learn... you don't have to launch an attachment to change a password. What is the world coming to...
And in other news...
they were foolish enough to open the attachment, guess what "local
only" kernel vulnerability they could exploit? Derision points both
ways. And I'm NOT a Windows fanboy (it's not even my primary OS) -
I just get sick of Linux fanboys being smug when it comes to security
just because their platform of loverence hasn't been targeted due to its
underwhelming desktop market share.
Here's a hint to you guys before you go off bandying about the Locals
Only flag and make yourselves look foolish: almost all modern
vulnerabilities are "local only." The number of remote vulnerabilities in
modern operating systems is close to nil and when one is found it's
almost always in 3rd party software, not the OS itself. That's why we
repeatedly see social engineering attacks (like the Facebook password
reset one referenced above) used to introduce malware to a system.
It's the path of least resistance. The modern user is the security weak
point and no amount of "don't run as root", UAC, "Enter your admin
password to install" nonsense is going to change that.
Assumptions
It could happen.
These aren't elevation exploits.
It is far easier to do this by spawning >5 1080p YouTube videos rendered with Adobe Flash. Adobe refuse to provide GPU acceleration in the Linux version despite standard APIs supporting this for years, so it will grind your computer to a halt, without any exploit necessary. Which would be the only way to do it, since these vulnerabilities no longer exist. That's the thing with Linux, it doesn't usually take ages to get fixed like Windows.
e.g. Chances are that by the time you hear of something nasty, it's already gone.
What does Linux and Obama have in common?
This round it's the fabled "Many (*cough cough" BLIND) Eyes" approach, again. This is what, 1000th time the supposedly open, more robust than proprietary, FOSS flagship product pulled a joker? It reminds me the SEC debacle where they promised to monitor all the activities to prevent fraud and then let Madoff debacle blow up in front of their face. Let's face it, the "Many Eyes" promise is a lie along lots of other lip sticks they throw around this FOSS thing.
you're doing it wrong
If you feel a security vulnerability = fail, then pretty much all software is fail. Unless you are a hypocrite :) Personally I feel 9 times out of 10 the user = fail for lack of common sense.
In the case of on-topic article, these are local only exploits so they would first have to gain access to your system to be exploitable. I wish them luck, since I am not the type of person who will launch an email attachment to change my facebook password, just because I got an email from an alleged facebook admin.
It's not a security vulnerability.
What does Linux and Obama have in common?
But to be truthful they both have their purposes. You need an O.S. for mouse pushers, and then you need real O.S. for people who more interested in having a machine that is going to work for them day in and day out without a problem. :o)
You have got to be kidding about Bush Jr.
"I promise you I will listen to what has been said here, even though I wasn't here." --at the President's Economic Forum in Waco, Texas, Aug. 13, 2002
"You teach a child to read, and he or her will be able to pass a literacy test." -Townsend, Tenn., Feb. 21, 2001
"My answer is bring them on." --on Iraqi insurgents attacking U.S. forces, Washington, D.C., July 3, 2003
"You work three jobs? ... Uniquely American, isn't it? I mean, that is fantastic that you're doing that." --to a divorced mother of three, Omaha, Nebraska, Feb. 4, 2005
"Too many good docs are getting out of the business. Too many OB-GYNs aren't able to practice their love with women all across this country." --Poplar Bluff, Mo., Sept. 6, 2004
"There's an old saying in Tennessee -- I know it's in Texas, probably in Tennessee -- that says, fool me once, shame on --shame on you. Fool me -- you can't get fooled again." --Nashville, Tenn., Sept. 17, 2002
"If this were a dictatorship, it'd be a heck of a lot easier, just so long as I'm the dictator." --Washington, D.C., Dec. 19, 2000
"Rarely is the questioned asked: Is our children learning?" --Florence, South Carolina, Jan. 11, 2000
"I'll be long gone before some smart person ever figures out what happened inside this Oval Office." --Washington, D.C., May 12, 2008
"Major combat operations in Iraq have ended. In the battle of Iraq, the United States and our allies have prevailed." --speaking underneath a "Mission Accomplished" banner aboard the USS Abraham Lincoln, May 1, 2003
"So what?" ?President Bush, responding to a an ABC News correspondent who pointed out that Al Qaeda wasn't a threat in Iraq until after the U.S. invaded, Dec. 14, 2008
"The British government has learned that Saddam Hussein recently sought significant quantities of uranium from Africa." --State of the Union Address, Jan. 28, 2003, making a claim that administration officials knew at the time to be false
"This is an impressive crowd -- the haves and the have mores. Some people call you the elite -- I call you my base." --at the 2000 Al Smith dinner
"I would say the best moment of all was when I caught a 7.5 pound largemouth bass in my lake." --on his best moment in office, interview with the German newspaper Bild am Sonntag, May 7, 2006
"This foreign policy stuff is a little frustrating." --as quoted by the New York Daily News, April 23, 2002
"Do you have blacks, too?" --to Brazilian President Fernando Cardoso, Washington, D.C., Nov. 8, 2001
"I think I was unprepared for war." ?on the biggest regret of his presidency, ABC News interview, Dec. 1, 2008
"You know, one of the hardest parts of my job is to connect Iraq to the war on terror." --interview with CBS News' Katie Couric, Sept. 6, 2006
"They misunderestimated me." --Bentonville, Ark., Nov. 6, 2000
And there are oh so many more as you know. GO ahead, align yourself with that mighty brain power and stalwart leadership. The ability to do that with a straight face speaks legions about an individual. And not a bit of it good.
Wait.. what?
Can you say "Troll," boys and girls?
When did Linux promise that local users could never lag it/turn it off?
And did you really expect Obama to fix 8 years worth of damage, in 2 years?
Yeah, excellent reporting.
is useful (I'll go update the Ubuntu systems here). Can we have more like
this from ZDNet?
Thanks Adrian.
lol...Hilarious! Adrian a Tech blogger? mwaha ha :D
ATTACKS! ....excuse me while I recover from this
news.
ahmmm.... If you're either stupid enough to run an
attack on OS in the same as the machine to merely
get it to reboot. I've got one for you to believe!
I can look at Windows OS computers and cause them
to reboot, but if I really wanted to attack a
computer, I'd be better off with a hammer. Because
neither Microsoft or Linux could withstand that
kind of a local attack!
BTW... Adrian? Quite pretending you know anything
about technology and especially anything having to
do with Linux. You Fool! ;)
Let me know when it hits the Wilds! haha
in the Wilds. These are lab conditions that are
so far away from reality that if you attempted
to duplicate them on a random machine of a
different distro, you'll get skunked. There are
some 500+ distros around the world and they are
all different. To get a simple DOS attack isn't
jack shizt on any other OS. So they got em on
Linux in a lab under certain conditions, with
time being one on of them.
If I'm a local attacker and I want to shut the
system down, isn't pushing the power button a
lot easier? :D
Correction - these were kernel vulnerabilities
Those 500+ distros all use the Linux kernel.
Local not LOCAL
Hey look, a magical exploit of awesomeness; :(){ :|:& };:
OMG I HACKED EVERYTHING!!1111
@i2fun - My previous defense of your right to be obnoxious...