Right NOW, there is an exploit (malicious code that takes advantage of the security hole) in circulation on the net. The exploit gives superuser access without sudo + password, so update immediately to the new kernel that was released yesterday, and restart the computer.
This applies especially to servers connected to the internet with a public IP address, since they are directly reachable from the net.
Read more at:
http://www.h-online.com/open/news/item/Exploit-for-local-Linux-kernel-bug-in-circulation-Update-1863892.html
Status of fixes:
Update 16-05-13 10:12:
The Ubuntu Security Team has closed the vulnerability with updates to Ubuntu 13.04, 12.10, 12.04 LTS and in the Hardware Enablement Kernel for Ubuntu 12.04 LTS which is based on the Ubuntu 12.10 kernel. The developers caution users that due to ABI changes in the kernel update, all third party modules installed with these kernels have to be recompiled and reinstalled. Users who use the linux-restricted-modules package will have to update this package as well, which will happen automatically on systems that include the standard kernel meta packages.
Red Hat says that Red Hat Enterprise Linux (RHEL) 4 and 5 are not affected by the problem. RHEL 6 and Red Hat Enterprise MRG 2 are affected and, until the company releases updates that fix the problem, Red Hat recommends mitigating the security risks and gives instructions how to do so on a page on its customer portal web site.
The Debian developers are also working to fix the problem. At the time of writing, Debian stable (Wheezy) and testing (Jessie) are both vulnerable to the exploit, Debian unstable (Sid) is not vulnerable. The fixed kernel package is available in the security update repository for Wheezy, however, and should be updated in the main distribution repository soon.
/Lars
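An added example, not part of the original post: a check for the "updated but not yet restarted" state, since a newly installed kernel protects nothing until the machine boots into it. It assumes each installed kernel has a directory under /lib/modules and that GNU `sort -V` is available; the function names are hypothetical, and the check says nothing about whether the newest installed kernel actually contains the fix.

```shell
#!/bin/sh
# Added example: detect "kernel package updated, machine not yet rebooted".
# Assumption: every installed kernel has a module tree in /lib/modules.

# newest_kernel: read kernel release strings on stdin (one per line) and
# print the highest one. sort -V compares digit runs numerically, so
# "-10-" ranks above "-9-" (a plain lexical sort would get that wrong).
newest_kernel() {
    sort -V | tail -n 1
}

# reboot_pending RUNNING: read installed releases on stdin.
# Returns 0 (true) only when an installed kernel is newer than RUNNING.
reboot_pending() {
    running=$1
    newest=$(newest_kernel)
    [ -n "$newest" ] || return 1              # empty list: cannot tell
    [ "$newest" != "$running" ] || return 1   # already on the newest one
    # They differ: make sure the installed one really sorts higher, so a
    # running kernel whose module tree was removed is not flagged.
    top=$(printf '%s\n%s\n' "$running" "$newest" | sort -V | tail -n 1)
    [ "$top" = "$newest" ]
}

# installed_kernels: releases that have a module tree on this host.
installed_kernels() {
    ls -1 /lib/modules 2>/dev/null
}

# check_host: report the state of the local machine; non-zero exit status
# means a restart is still outstanding.
check_host() {
    if installed_kernels | reboot_pending "$(uname -r)"; then
        echo "REBOOT NEEDED: running $(uname -r), a newer kernel is installed"
        return 1
    fi
    echo "OK: running kernel $(uname -r) is the newest installed"
}

# Run the host check only when asked to, e.g.  sh script.sh --check
case "${1:-}" in
    --check) check_host ;;
esac
```

Run with `--check` after the package update and again after the restart; the first run should report that a reboot is needed and the second should report OK.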