Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Originally posted by Basel I have downloaded the patch from kernel.org, specifically patch-2.6.3.bz2.
I am new to linux and do not know what to do to update the kernel. My distribution is JDS (based on SuSE 8.1 and Linux 2.4.19).
You might want to either try to find a precompiled binary kernel for your distro, so that you don't have to compile the kernel source or just find the source for a non-vulnerable kernel and compile that without having to patch it. If you have questions about compiling or installing a new kernel, feel free to post them in the Linux-Newbie or Linux-General Forums.
Originally posted by Capt_Caveman While it's not that pressing right now, you could be in for a real world of hurt when the next remote exploit comes out.
If you're behind a decent firewall and only use your computer as a regular desktop, these security flaws aren't too important, are they?
It's a local root exploit, so the vulnerability cannot be remotely exploited. But if used in conjunction with an exploit that allows local access, you are done for (or if you already have other users). The recent compromises at debian and gentoo (which used a remote exploit followed by priviledge escalation similar to this one) are good examples of why these types of local root exploits are still extremely dangerous. I would highly recommended upgrading you kernel immediately. Don't let your firewall lull you into the false perception that you are not vulnerable. It certainly minimzes your risk, but you should still upgrade immediately.
I really am too lazy to fix this right now, I guess I'll just wait until the next kernel comes out, then work with that. I just got my nvidia drivers working, I don't really feel like messing around with that right now.... Thanks for the heads-up though.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.