A critical vulnerability in the Linux kernel that gives attackers access to root via X server has been patched by Linus Torvalds. Meanwhile, kernel developer James Morris reports on the first-annual Linux Security Summit (LSS), which covered topics including usability, hardening the kernel, and API standardization.
Linux folk have long shown an almost smug, if largely justified, confidence in the superior security of their operating system, especially compared to Windows. Yet, as Linux takes on a greater role, especially in the server and mobile device worlds, the threat of malicious attacks grows larger.

Now, it turns out that Linux may not be quite as secure as we thought.

A "highly dangerous" privilege escalation vulnerability that would permit an attacker to execute arbitrary code as root from any GUI application via X server, was recently patched in the Linux kernel, writes Lucia Constantin on Softpedia. The flaw, which affects both x86_32 and x86_64 platforms, is said to have been present since the release of Linux 2.6.0.

The link for this article located at Desktop Linux is no longer available.