latest kernel exploit musings

[jnash2001]

I was running Fedora 8 on one of my machines when this latest local root exploit came out and I decided to try it out.
Sure enough it worked as advertised. I tried another variation and that worked too.

So I was thinking if somebody out there started to distribute copies of a program using the exploit, and used it to install some kind of spyware.
Has anybody know of a real example?



P.S. Fedora has released a patched kernel for this vulnerability: 2.6.23.15-137.fc8

[dann]

I have never heard of this happening but theoretically it is possible. The problem, though, is that Linux apps are under such scrutiny that it would not take long if something like this got out in the wild to be tracked down. Furthermore, due to the nature of the community such a person providing said corrupted file would be at the very least excommunicated and hounded to every corner of the web.

[Tsuroerusu]

P.S. Fedora has released a patched kernel for this vulnerability: 2.6.23.15-137.fc8

Unlike a certain north-western american company, who would have waited over a month for the planets and their monthly update schedule to align!

[jnash2001]

I have never heard of this happening but theoretically it is possible. The problem, though, is that Linux apps are under such scrutiny that it would not take long if something like this got out in the wild to be tracked down. Furthermore, due to the nature of the community such a person providing said corrupted file would be at the very least excommunicated and hounded to every corner of the web.

Of course if it is an application without source code available that would be more difficult.
Sort of like what happened with the Sony DRM rootkit.