Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Wait, so let me get this right: This is a Linux local privilege escalation 0day that works on (most) kernels ver. 2.6.37 to 3.8.10?


Well... [2.6.37, 3.8.10) -- non-inclusive on the upper bound.

Fixed in 3.8.10 so that one's good.

Otherwise, yes, yes it is.

*Edit: Actually it looks like it's fixed in 3.8.9 (made it in 3.8.9rc8) based on the patch at: https://patchwork.kernel.org/patch/2441281/ -- Someone with more knowledge of kernel dev should double-check.


And the bug was apparently backported to 2.6.32 on CentOS.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: