What version of the kernel has it "fixed"?
A Linux kernel vulnerability that can only be exploited locally is nonetheless proving a bit of a nuisance. It's a classic local privilege escalation bug, dubbed CVE-2018-14634, and lets an intruder or logged-in rogue user obtain root-level control over the machine. Eggheads at cloud security biz Qualys discovered the …
The CVE-2018-14634 vulnerability relates to a local privilege escalation bug in the Linux kernel, and creates a means to obtain root (administrator) privileges on a hacked system.
Good job you explained that root is a privileged user, I expect most on this tech site won’t know that.
Please can you get some journalists who understand their reader base.
Yeah! No explaining stuff that I already know!!!!
However, you better not just assume that I know stuff that I don't!
How tricky than can be? Just collate a big list of everything that all the regular readers know and go through that list before publishing any article!
"How tricky than can be? Just collate a big list of everything that all the regular readers know and go through that list before publishing any article!"
What a great idea. Or just insert inline helpful remarks directed towards specific reader bases:
"relates to a local privilege escalation bug in the Linux kernel, and creates a means to obtain root ([newbies]administrator, [Autralian geeks]snigger) privileges on a hacked system."
We clearly need more of that, not less.
I am always confused by mentions of servers in articles not about restaurants, wonder why would people keep data in aerosol formations kilometres high in the sky and never understood how rodents are supposed to connect to computers. And who is General Failure and why is he reading my disk?
"Good job you explained that root is a privileged user, I expect most on this tech site won’t know that."
Don't forget that Australians, editors and managers read this site too...
Sometimes small words, talking slowly and repetition isn't enough to guarantee understanding.
Security researchers at Qualys explain: "Even though all Linux kernels are technically vulnerable, this issue is mitigated by a one-year-old patch that was backported to most long-term kernels and makes exploitation impossible."
Impossible? Oh please. To be so sure it is not another "I did not have sexual relations with that woman" meme to regret having floated to media, is bound to be continually tested for proof of concept and integrity of security.
The very best that anyone can hope for and expect nowadays is surely that Unauthorised Root Administrative Access Exploitation of SCADA Systems is improbable because it is not just so simple.
Improved Enough to be Able to Enabled Followers Realising Simplified Words Leading to Heavenly AId Destinations, Wadseem Alkurdi, ... for NEUKlearer HyperRadioProACTivated Live Operational Virtual Environments?
A COSMIC Space for Universal ProgramMING ...... https://amanfrommars.blogspot.com/search?q=ProgramMING
And Patently Registering Here Now.
"local attacker can exploit this vulnerability via a SUID-root binary and obtain full root privileges,"
I find this a little odd unless the exploit can only be run from the console. I suspect they mean it needs command line access but that can be achieved via ssh.
OTOH kudos for the anagram name.
Biting the hand that feeds IT © 1998–2019