Although it might seem self-serving, I do know of one sure way to fix this vulnerability right away on running production systems, and it doesn’t even require you to reboot: you can (for free) download Ksplice Uptrack and fully update any of the distributions that we support (We support RHEL, CentOS, Debian, Ubuntu, Parallels Virtuozzo Containers, OpenVZ, and CloudLinux. For high profile updates like this one, Ksplice optionally makes available an update for your distribution before your distribution officially releases a new kernel). We provide a free 30-day trial of Ksplice Uptrack on our website, and you can use this free trial to protect your systems, even if you cannot arrange to reboot anytime soon. It’s the best that we can do to help in this situation, and I hope that it’s useful to you.
But wait, there's more!
Oh Noes! Everyone abandon Linux and go to macs! (/Applephile)
For me, CP/M is the way to go. NO ONE has written a virus for that O/S...
Already got the Update Manager alerts for my Ubuntu and Fedora machines. I believe I hear our NIX team over there bellyaching, but that’s par for the course.
Forget “Patch Tuesdays” from MS. When a problem really needs to be fixed, count on the open source community!
This is a LOCAL exploit. The attack must be launched by an authenticated user that is already logged on.
Unless you are granting shell command access to users, a Linux server is not vulnerable to a remote attack.
If you are using Linux on your desktop, just be aware of what you download and run on your desktop (the same advice I'd give to Windows users)