From time to time there appears that bug in the Linux kernel that leaves people with hair on their feet, maybe this is the best description in Portuguese for a "Zero Day" bug. This term commonly used when the bug affects a vital program that ends up putting an entire ecosystem (or system) in danger and in theory the developer has "zero days" to fix the business "before the world explodes", well, they discovered the Trouble this morning, now it's ready!
A Linux bug that existed since 2012 that allows the attacker to terminate Root access to the system was discovered, the discovery was made by Startup Perception Point, the bug is named (CVE-2016-0728) and can be analyzed. clicking here. According to the information, the affected versions started from Linux Kernel 3.8 onwards, which include some versions of Android as well, more specifically those that carry Android KitKat onwards.
Affected Linux distributions include:
– Red Hat Enterprise Linux 7
– CentOS Linux 7- Scientific Linux 7- Debian Linux stable 8.x (jessie) – Debian Linux testing 9.x (stretch) – SUSE Linux Enterprise Desktop 12- SUSE Linux Enterprise Desktop 12 SP1- SUSE Linux Enterprise Server 12- SUSE Linux Enterprise Server 12 SP1- SUSE Linux Enterprise Workstation Extension 12- SUSE Linux Enterprise Workstation Extension 12 SP1- Ubuntu Linux 14.04 LTS (Trusty Tahr) – Ubuntu Linux 15.04 (Vivid Vervet) – Ubuntu Linux 15.10 (Wily Werewolf) – openSUSE Linux LEAP and a version 13.2 The site information "The Hackers News"report that on Linux servers the attack is only possible if done locally. Apparently Perception Point personnel themselves, with the help of Red Hat engineers and the Linux community, have been able to fix the problem, you can see more details about how the vulnerability works and how what was done to fix it in the post from the official Startup website.
How to fix the problem
If there is one thing that users cannot complain about the speed of bug fixes once they are discovered. Major distributions have now made it possible to fix the problem through system upgrades, so update your distribution. If you use Ubuntu or its derivative look in the "Program Updater" application system menu, just upgrade.
If you prefer to do things through the terminal can the following commands:
sudo apt-get update
sudo apt-get upgrade
If you use another Linux distribution and you do not know how to upgrade the system, consult your district documentation for how to upgrade. So far Google has not commented on the problem, but since the "local" bug in the case of Smartphones, the problem is not so serious, after all, if he is in the wrong hands, having root access is part of the problem. .
_____________________________________________________________________________ See any errors or would you like to add any suggestions to this article? Collaborate, click here.