Hole in the Linux kernel allows root access

Please notice that this inflicts 'local root access' and not 'remote root access'.

 

its not really a big issue then.
even thou users will excute practically anything.

 

Even though the kernel patch itself hasn't been released to a stable kernel yet, there is a work around that almost every distro has been using for a while now. If you are on Ubuntu and are not running Wine, you are safe.

To check if you are indeed safe, run the following command from the terminal:

Code:

cat /proc/sys/vm/mmap_min_addr

If it returns NULL (or 0) then you are affected. If it returns a non-zero number you are not affected. Ubuntu Karmic by default returns 65535. However, as I said, if you have Wine installed it will set it back to 0.

I am really wondering why this is even news at all since this exploit is over a month old.

 

Whether or not you are safe is distribution dependent. On my systems mmap_min_addr is > 0. I also have wine installed on one of them and it runs just fine.