A vulnerability in udev, the user-space tool that manages the Linux /dev tree, has left unpatched systems vulnerable to a local root privilege escalation. Exploits are already circulating on the full-disclosure mailing list, so it is rather important for users and administrators to update their systems. The problem was caused by the way udev processes the messages it receives—certain kinds of messages, which could be generated by user processes, were not considered. That oversight led to the vulnerability.

There are no related posts to this one. Have some randomness:

• June 11, 2009 -- Software liability law could divide open source (0)
• August 21, 2009 -- Wikimedia receives $500,000 from Hewlett Foundation (0)
• November 25, 2009 -- Silverlight multi-platform support is falling apart (0)
• December 16, 2009 -- Red Hat Settles Five-Year-Old Shareholder Lawsuit (0)
• May 14, 2009 -- Why I Switched from GNOME to KDE (0)