Linux vendors rush to patch privilege escalation flaw after root exploits emerg

[Jack]

Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system.

The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to the "/proc/<pid>/mem" file.

According to Carsten Eiram, the chief security specialist at vulnerability research firm Secunia, the flaw was introduced in the Linux kernel code in March 2011 and affects versions 2.6.39 and above. "Any Linux distributions providing these kernel versions should be vulnerable," Eiram said.

Read more

 

[jamescv7]

Seems its like frequently appearance in some news for Linux vulnerabilities even its proof to be secure OS still it would be the target by some hackers cause nothing is immune.

 

[pcjunklist]

ouch, looks like it takes a bite out of ice cream sandwhich as well. But since there are only 2 phones running it it's not to bad for android customers and I'm sure it will get a patch shortly.