Skip to main content

A serious Linux privilege-escalation bug has been in the wild for nine years

best linux distros
Spectral-Design/Shutterstock
There’s a Linux vulnerability in the wild that’s apparently been residing in just about every Linux version for the last nine years, and Linux users will want to install a patch as soon as possible.

The exploit is titled CVE-2016-5195, and it’s a privilege-escalation bug as opposed to a code-execution vulnerability, as Ars Technica reports. That makes it theoretically less serious, but nevertheless, researchers aren’t taking it lightly. In part, it’s considered a serious threat because it resides in a Linux kernel section that’s used by almost all Linux distributions. And the bug is apparently being actively used by malicious parties in the real world.

Recommended Videos

According to Dan Rosenberg, senior researcher at Azimuth Security, “It’s probably the most serious Linux local privilege escalation ever. The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time.” As of right now, Linux distributions are in various stages of receiving patches, after an official patch was developed by the official Linux kernel maintainers.

Please enable Javascript to view this content

The exploit in question is one that can allow an attacker to gain greater levels of control over a targeted machine. For example, a user with otherwise limited access to a web-hosting provider’s server can use the exploit to gain deeper shell access, and then leverage that access to attack other users of the server or even server admins. Privilege-escalation vulnerabilities can also be combined with other exploits, such as SQL injection bugs, to run malicious code that they would normally be unable to execute.

Linux developer Phil Oester was the first to discover the bug, as indicated on a site that provides more information on the exploit. For now, you’ll want to check in with the maintainers of your particular Linux distribution and see if a patch is available. If it is, then you’ll want to apply it immediately to avoid seeing your Linux system suffer an attack.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
Texas brings the ban hammer down on DeepSeek and RedNote
Mobile users experience censorship bias with DeepSeek AI.

If you’re a government worker in Texas, you can’t use DeepSeek or many other Chinese-developed applications on your state-issued device. Texas Governor, Greg Abbott, has instated a ban, preventing state employees from downloading, installing, or using several notable Chinese apps on government-sanctioned devices.

Sighting data privacy and national security concerns, the Governor decreed that state workers are prohibited from interacting with Chinese AI and social media apps including DeepSeek, RedNote, and Lemon8 on state-owned devices. Additionally, the ban includes Chinese stock-trading platforms such as Moomoo, Tiger Brokers, and Webull.

Read more
It’s easier than ever to use ChatGPT Search — sign-in no longer needed
The ChatGPT Search icon on the prompt window

You no longer need to sign in to use ChatGPT Search.

“ChatGPT search is now available to everyone on chatgpt.com,” OpenAI said in a post on X announcing the change, adding, “No sign up required.”

Read more
Apple’s co-founder left 40 years ago today, but that was just the beginning of his story
Steve Wozniak speaking at an event in Paradise Valley, Arizona.

Apple co-founder Steve Wozniak seemingly had it all: surrounded by a successful company that he helped create and with more money to his name than he knew what to do with, to outside observers it must have all looked pretty sweet.

But Wozniak wasn’t happy at Apple -- and 40 years ago today, he quit. That wasn’t the end of the road for the engineering whizz. Instead, he went on to start a set of highly consequential companies and organizations across multiple different disciplines, leaving a mark in a range of different industries.
Early days at Apple

Read more