By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Yes, I discovered this flaw three or four weeks ago. Describe the sequence of events.
I was quite busy doing some other tasks here at COSEINC so I had to postpone publication of the vulnerability. But on Feb. 1 I made initial contact with The Red Hat Security Response Team, then we contacted with kernel developers so they could provide a quick fix for this vulnerability. Explain the severity of the vulnerability and why, since it involves the kernel, IT administrators in Linux-based environments should be concerned.
This was one of the most critical flaws seen so far in the Linux Kernel, not counting vulnerabilities that can be exploited remotely. It was trivially exploitable in a matter of minutes and the exploit code was ready long before vendors managed to prepare and distribute updated kernel packages for their customers. Are you surprised that exploit code was released for this so quickly?
Why should I be? There are numerous exploits published each day. [Qaaz] decided to share his zero-day with us without prior contact with the vendor to prepare the patch. Bad luck this time. Maybe better luck next time?
After installing the patch the threat is over. That said, each company should have its own security policy applied whenever there is a probability that some systems could have been compromised. This looks like a locally-exploited issue. Is this something where companies need to be worried about a malicious insider taking advantage to do some damage?
It is trivially exploitable and the code is publicly available. The exploit is very reliable and each attack attempt should result in system compromise on vulnerable systems. It won't give you any warnings, and it won't leave any traces. Let that speak for itself.