232
'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systems
(www.computing.co.uk)
A community for everything relating to the linux operating system
Also check out [email protected]
Original icon base courtesy of [email protected] and The GIMP
The full write-up can be found here and should be fairly readable for users of this forum.
Some quotes that I thought were interesting:
So 64-bit systems seem to be a bit more resistant to this it seems? But I can't be completely sure given how much I've read about this yet.
It seems that non glibc-based systems also could be vulnerable, but they have not yet tried to demonstrate it yet (or have tried and not been successful).
And OpenBSD wins again it seems.
Yeah they were experimenting with 64bit exploitation when this signal handler got some focus regarding a (likely related) deadlock so they rushed to disclose their findings to the project to minimise the possibility of having eyes on this vulnerability