Free Republic
Browse · Search
General/Chat
Topics · Post Article

To: Ernest_at_the_Beach
Before anyone gets worked up about this:

This is a LOCAL exploit. The attack must be launched by an authenticated user that is already logged on.

Unless you are granting shell command access to users, a Linux server is not vulnerable to a remote attack.

If you are using Linux on your desktop, just be aware of what you download and run on your desktop (the same advice I'd give to Windows users).

12 posted on 09/21/2010 9:36:02 AM PDT by justlurking (The only remedy for a bad guy with a gun is a good WOMAN (Sgt. Kimberly Munley) with a gun)


To: justlurking; ShadowAce

Well....that changes everything....thanks.


14 posted on 09/21/2010 9:38:55 AM PDT by Ernest_at_the_Beach ( Support Geert Wilders)

To: justlurking

That might be true for desktops, but for Linux servers running any kind of PHP or CGI, all it takes is a hole in the code and you’re rooted.

And if you use a hosting provider who uses a paravirtualized environment like Slicehost or some of the other VPS hosts, I’ve heard that patches are not available yet.


15 posted on 09/21/2010 9:42:03 AM PDT by perfect_rovian_storm (Chuck Norris wears Carl Paladino pajamas.)

To: justlurking
Reading the comments at HardOCP:

Linux Kernel Exploit Wreaking Havoc

The usual snarky comments from the Gamers....but this was of interest.

************************************EXCERPT************************************

Dragoniz3r (n00bie, 2.1 Years)
Nothing to see here.

This has been tremendously overblown by ksplice in the interest of furthering the sales of their product. It's a local exploit, which means the attacker has to already be logged in to your box. It's not a remote exploit.

Oh, and by the way, after looking for the source code for their "detection tool", there is no way in hell I'm running it. It's copy+paste of the original exploit code, and there are some things in it that are very very difficult to verify the safety of (like embedded machine code).

17 posted on 09/21/2010 10:01:55 AM PDT by Ernest_at_the_Beach ( Support Geert Wilders)

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson