
Root privileges through Linux kernel bug  - da5e
http://www.h-online.com/open/news/item/Root-privileges-through-Linux-kernel-bug-Update-1061563.html
======
vr
This is not really a kernel bug. The exploit exhausts the address space of
Xorg (which is already running as root) to make it possible to write to its
stack using a shared memory segment. While the kernel can help prevent this
kind of issues by simply denying to map a page from the top of stack segment,
it's still an Xorg's problem that it allows to exhausts its address space. In
that state an attacker has much higher chances of making the process do
desired memory writes and using shared memory segments is not the only option
(as described in the original article this post links to).

------
ars
Debian:

Stable (2.6.26) updated it's kernel today, and this fix was included.

Experimental (2.6.35) updated yesterday with this fix.

Testing/Unstable (2.6.32) has not updated yet.

