Serious bug in Linux kernel allows for privilege escalation

The security team at Perception Point has uncovered a serious bug in the Linux kernel that could allow a regular user to get elevated permissions on an affected system. The vulnerability affects the Linux kernel versions 3.8 and higher.

The bug lies in the code that implements Linux's keyrings facility , which is "primarily a way for drivers to retain or cache security data, authentication keys, encryption keys, and other data." To exploit the bug, ...

Read more...