>Linus left
>Already a priv-esc exploit out
Looks like this is the end for Linux
amp.thehackernews.com
CVE-2018-14634
Colton Reyes
Other urls found in this thread:
amp.thehackernews.com
twitter.com
Charles Cruz
I somehow, still blame Microsoft..
>Embrace
Microsoft becomes linux supporter
>Extend
Microsoft makes some contributions to linux, and linux in return supports WSL
>Extinguish
The same COC microsoft adapted is now contributed to linux, making Linus step down for yelling at people, then exploits start poping up everywhere
I fucking hate microsoft.
Lucas Johnson
affects the kernel versions released between July 2007 and July 2017
Justin Jenkins
Doesn't affect Debian stable, testing or unstable.
Only oldstable.
Adam Parker
> affects the kernel versions released between July 2007 and July 2017
It's fucking nothing and fixed since over a year
Anthony Smith
Don't forget, linux distros were getting viruses shortly after github was acquired by Microsoft.
Austin Hernandez
>between July 2007 and July 2017
>not using a rolling distro
[laughs in letter agency]
Eli Allen
>AMP link
Please don't
Cooper Scott
>Systems with less than 32GB of memory are unlikely to be affected by this issue due to memory demands during exploitation
HAHAHAHA high RAM prices are finally giving some kind of good result
Charles Diaz
based gook flash memory cartel
Noah Smith
Sounds like bullshit.
Link?
Jordan Evans
>amp.thehackernews.com
>To successfully exploit this vulnerability, attackers need to have access to the targeted system
Lincoln Ramirez
I know a way.
Elijah Sanders
>amp
not clicking that
Andrew Miller
...
Eli Gray
its literally time to embrace OpenBSD.
Bentley Bell
>debian
>oldstable
nuoh my god
Kayden Collins
Github is just a mirror. The kernel is maintained elsewhere
Liam Brooks
>due to memory demands during exploitation
ie your pc will run out ram and brick
Matthew Peterson
>not applicable to stable/mainline kernels
>exploit requires local access, >32G of ram, and the ability to create and execute a special SUID-root binary (normal users can't do that)
Ayden Campbell
>execute a special SUID-root binary
This. I stop reading after this.
David Roberts
it's a bit of a stretch to call it privesc if you already have control over an suid-root binary, which would let you become any user anyway
it's just a technicality, the exploit allows escalation where it would normally not be allowed, but there's no practical situation where you would have such a binary on a system without already having root access
Jaxson Cook
... also, even if you argue "what if i make that binary on a usb drive and run it from that";
a. any good system will mount removable media with 'nosuid'
b. if a. isn't the case, congrats, that alone is privesc, have your suid-root binary run bash and you have a root shell
Ryder Young
>affects the kernel versions released between July 2007 and July 2017
Ok
Samuel Cox
>exploit for long time buried in linux code
>GAH COC DESTROYED LOONIX, TIME TO USE OPENBSD
>bonus - source:thehackernews.com
current state of Jow Forums
Grayson Hall
>current
Jow Forums was never good.
[spoiler]No, not even when it was guro[/spoiler]