It’s a big problem for multi-user servers where some users aren’t supposed to have root access. For example, my university has several student-accessible servers, and they all seem to be currently vulnerable to the exploit. A malicious student could cause quite a lot of damage.
Not sure why one would use a multi-(Linux)-user server nowadays. Everything runs either via network (e.g. WebDav) or there are dedicated, isolated VMs on that server for exactly the above stated reason.
Non Tom’s slopware original:
https://github.com/V4bel/dirtyfrag
Also nice lies and panic spreading by them:
The vulnerability requires local user access to the affected system which is already a gigantic security hole if that’s the case on a server…
Tom’s Slopware delenda est
It’s a big problem for multi-user servers where some users aren’t supposed to have root access. For example, my university has several student-accessible servers, and they all seem to be currently vulnerable to the exploit. A malicious student could cause quite a lot of damage.
Not sure why one would use a multi-(Linux)-user server nowadays. Everything runs either via network (e.g. WebDav) or there are dedicated, isolated VMs on that server for exactly the above stated reason.
No patches available!
Literally a mitigation section on the page.