Welcome!

Please read this important information about Spectre and Meltdown vulnerabilities.
Please read this important information about MX sources lists.
News
  • MX Linux on social media: here
  • Mepis support still here
Current releases
  • MX-17 Final release info here
  • MX-16.1 release info here
  • antiX-17 release info here
    New users
    • Please read this first, and don't forget to add system and hardware information to posts!
    • Read Forum Rules

Most serious” Linux privilege-escalation bug ever is under active exploit

Message
Author
User avatar
richb
Administrator
Posts: 15894
Joined: Wed Jul 12, 2006 2:17 pm

Most serious” Linux privilege-escalation bug ever is under active exploit

#1 Postby richb » Sat Oct 22, 2016 1:06 pm

All Linux kernels for several years have a vulnerability that can be exploited to escalate privileges and allow a hacker to gain access to the root system. the default kernel for Kernel for MX-14 will need to be replaced with 3.16 wheezy-backports kernel (3.16.36-1+deb8u2~bpo70+1) and headers packages. You are strongly urged to install this patched kernel.

The MX-15 kernels, both 32 and 64, bit have been patched to correct this vulnerability. The patched kernels will show as an upgrade in apt-notifier for MX-15. You are strongly urged to accept this upgrade.

Liquorix kernels:

All vulnerable 3.x & 4.x linux-liquorix kernels have been removed from the MX-14 & MX-15 repositories.
The 4.7 & 4.8 linux-liquorix kernels in the MX-15 repository have been patched.

This is a video explaining the situation.

Dirty Cow, CVE-2016-5195, and MX-15. (Don't worry, new kernels are already up).
Forum Rules
Guide - How to Ask for Help

Rich
SSD Production: MX-15- 64 - migrated to MX-16 RC1
HD Test: MX-16 RC1
AMD A8 7600 FM2+ CPU R7 Graphics, fglrx driver, 16 GIG Mem. Samsung EVO SSD 250 GB, 350 GB HD

User avatar
Eadwine Rose
Forum Veteran
Forum Veteran
Posts: 4956
Age: 45
Joined: Wed Jul 12, 2006 2:10 am

Re: Most serious” Linux privilege-escalation bug ever is under active exploit

#2 Postby Eadwine Rose » Sat Oct 22, 2016 2:19 pm

Will these show as upgrades in syna...

never mind:

Code: Select all

linux-compiler-gcc-4.9-x86 (version 4.2.6-3~bpo8+2) will be upgraded to version 4.2.6-3~bpo8+3
linux-headers-4.2.0-0.bpo.1-amd64 (version 4.2.6-3~bpo8+2) will be upgraded to version 4.2.6-3~bpo8+3
linux-headers-4.2.0-0.bpo.1-common (version 4.2.6-3~bpo8+2) will be upgraded to version 4.2.6-3~bpo8+3
linux-image-4.2.0-0.bpo.1-amd64 (version 4.2.6-3~bpo8+2) will be upgraded to version 4.2.6-3~bpo8+3
linux-libc-dev (version 3.16.36-1+deb8u2) will be upgraded to version 4.2.6-3~bpo8+3
mx-packageinstaller-pkglist (version 16.8mx15) will be upgraded to version 16.10mx16


Is this the one you are talking about Rich?
MX-17_x64 Horizon 2017-12-15 4.14.0-3-amd64 ext4 Xfce 4.12 * AMD Asus M4A785TD-V EVO AM3 * ASUS GeForce GT640-1GD5-L NVIDIA 387.34 * AMD Proc. Athl II X4 635, sAM3 * HDA ATI SB VT1708S An * 2x4Gb DDR3 1600 Kingst * 22" Samsung SyncM P2250 * HP F2280

User avatar
richb
Administrator
Posts: 15894
Joined: Wed Jul 12, 2006 2:17 pm

Re: Most serious” Linux privilege-escalation bug ever is under active exploit

#3 Postby richb » Sat Oct 22, 2016 3:41 pm

yes
Forum Rules
Guide - How to Ask for Help

Rich
SSD Production: MX-15- 64 - migrated to MX-16 RC1
HD Test: MX-16 RC1
AMD A8 7600 FM2+ CPU R7 Graphics, fglrx driver, 16 GIG Mem. Samsung EVO SSD 250 GB, 350 GB HD

User avatar
Eadwine Rose
Forum Veteran
Forum Veteran
Posts: 4956
Age: 45
Joined: Wed Jul 12, 2006 2:10 am

Re: Most serious” Linux privilege-escalation bug ever is under active exploit

#4 Postby Eadwine Rose » Sat Oct 22, 2016 4:00 pm

Upgraded, rebooted, all is still well in my world :) thanks!
MX-17_x64 Horizon 2017-12-15 4.14.0-3-amd64 ext4 Xfce 4.12 * AMD Asus M4A785TD-V EVO AM3 * ASUS GeForce GT640-1GD5-L NVIDIA 387.34 * AMD Proc. Athl II X4 635, sAM3 * HDA ATI SB VT1708S An * 2x4Gb DDR3 1600 Kingst * 22" Samsung SyncM P2250 * HP F2280


Return to “General”

Who is online

Users browsing this forum: No registered users and 7 guests