Darksurf Posted October 21, 2016 Share Posted October 21, 2016 http://arstechnica.com/security/2016/10/most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit/ I know this software isn't really security revolving considering we don't have HTTPS and don't support using in a non trusted environment, but we should probably take this seriously. Sent from my Nexus 6P using Tapatalk Quote Link to comment
primeval_god Posted October 21, 2016 Share Posted October 21, 2016 Does this actually effect us all that much? It says it is a privilege escalation exploit. Since we only have a root user account there are no other unprivileged users on our systems to exploit this from. Or do I misunderstand the nature of the vulnerability? CVE-2016-5195 for reference. Quote Link to comment
limetech Posted October 21, 2016 Share Posted October 21, 2016 Doesn't affect unRAID, nevertheless we are preparing 6.2.2 and 6.3.0-rc3 with appropriate patches. Speculation: wonder if it's coincidence: they're saying the "Worlds largest DDoS attack" has occurred on the same day of widespread dissemination of "Most serious Linux privilege-escalation bug ever is under active exploit." Quote Link to comment
limetech Posted October 21, 2016 Share Posted October 21, 2016 6.2.2 has been released with this kernel vulnerability patched. Quote Link to comment
NAS Posted October 22, 2016 Share Posted October 22, 2016 Changed days speed wise and it shouldn't go without saying thank you. Quote Link to comment
CHBMB Posted October 22, 2016 Share Posted October 22, 2016 Agreed, I already commented on the V6.2.1 thread that I'm impressed with the new release strategy, but this exploit being patched I think has set a record! Sent from my LG-H815 using Tapatalk Quote Link to comment
Darksurf Posted October 26, 2016 Author Share Posted October 26, 2016 I greatly appreciate the speed on this fix. I use Wi-Fi and without some other form of auth beyond WPA2 we know nothing is truly secure. I need to get radius or something setup when I'm less lazy. I do have other users on my limetech server, just not privileged. Sent from my Nexus 6P using Tapatalk Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.