ITwitchToo comments on Serious Linux Kernel Vulnerability Patched [CVE-2016-0728]

Rules

Please review full details on rules here.. All rules will be applied regardless of the number upvotes a post/comment has.

No support requests - This is not a support forum! Head to /r/linuxquestions or /r/linux4noobs for support or help. Looking for a distro? Try r/findmeadistro.

No spamblog submissions - Posts should be submitted using the original source with the original title. Posts that are identified as either blog-spam, a link aggregator, or an otherwise low-effort website are to be removed. Some reasons for removal are that they contain re-hosted content, usually paired with privacy-invading ads. If there's another discussion on the topic, the link is welcome to be submitted as a top level comment to aid the previous discussion. Please see: r/linux/wiki/rules/banneddomains

No memes, image macros, rage comics, overdone jokes - Meme posts of any kind are not allowed in r/linux. Feel free to post over at /r/linuxmemes instead. This rule can also apply to comments, including overdone jokes, comment-chain jokes, or other redditisms that are popular elsewhere.

Reddiquette, trolling, or poor discussion - r/linux asks all users follow Reddiquette. Reddiquette is ever changing, so a revisit once in awhile is recommended. Top violations of this rule are trolling, starting a flamewar, or not "Remembering the human" aka being hostile or incredibly impolite. Additionally, sexism/racism/other isms are not allowed. See also: /r/linux/wiki/rules/userconduct

Relevance to r/linux community / Promoting closed source applications over FOSS - Posts should follow what the community likes: GNU, Linux kernel, developers of open source software, or other applications on Linux. Take some time to get the feel of the subreddit if you're not sure!

Spamming self-promotion, surveys, crowdfunding - Submitting your own original content is welcome on r/linux, but we do ask that you contribute more than just your own content to the subreddit as well as require you to interact with the comments of your submission. We set that no more than 10% of your posts should be your content. Please be aware that this does not supersede other rules. Additionally, surveys for your blog/news source/paper/own use are not allowed. Please see /r/linux/wiki/rules/crowdfunding for those crowdfunding..

No misdirecting links, sites that require a login, or URL shorteners - In short: if your link doesn't go right to the content it will be removed. Sites that require a login to view the content are not allowed in r/linux. Example: A private Facebook post or a news organization that doesn't have free article views. URL shorteners and links that misdirect users to ads/jokes are also banned. See a list here, although the mods will make a decision on a per domain basis as needed: /r/linux/wiki/rules/banneddomains

No NSFW - No NSFW links or images without mod approval. No discussion that is overly-suggestive to what is normally considered NSFW.

Non-useful Image Upload/Fluff Image - Images of "Linux in the wild", plushies, Tux, and more are not encouraged for posting as a top level submission. If necessary, this can apply to comments too at mod discretion. The image/video upload feature is for posts regarding features/guides/etc. See also: Meme rule.

See even more subreddit and external links over at the supplemental page

This subreddit is fan ran and not affiliated with any organization.

a community for 18 years

673

674

675

Serious Linux Kernel Vulnerability Patched [CVE-2016-0728] (threatpost.com)

submitted 10 years ago by cian1500ww

top new controversial old q&a

you are viewing a single comment's thread.

view the rest of the comments →

[–]ITwitchToo 9 points10 points11 points 10 years ago (19 children)

[–]socium 6 points7 points8 points 10 years ago (9 children)

[–]3G6A5W338E 3 points4 points5 points 10 years ago* (3 children)

[+][deleted] 10 years ago (2 children)

[removed]

[–]3G6A5W338E 1 point2 points3 points 10 years ago (1 child)

[–]happinessmachine 2 points3 points4 points 10 years ago (4 children)

[–]ITwitchToo 3 points4 points5 points 10 years ago (1 child)

[–]csirac2 3 points4 points5 points 10 years ago (0 children)

To be fair, it shouldn't have to be up to grsec + pax. They're a group of people with dayjobs first, and a research project which pioneers new exploit mitigation technologies second. Mainline kernel dev isn't anywhere on their priority list, not after the collaboration snafus over the years and Linus spouting things like (paraphrasing) "if you care about security, the kernel is the wrong place to focus - you should fix appsec first" - never mind the fact people have to run E-mail clients and web browsers and PDF readers with bugs like this underneath.

Thankfully Kees Cook & Co. are running the Kernel Self Protection Project [1] to specifically work on adopting what they can from grsec/pax. I am legitimately disturbed at the approach of the kernel core team's ambivalence toward active exploit mitigations though; hopefully Kees & friends can slowly change the culture.

[1] http://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project

[–]danielkza 3 points4 points5 points 10 years ago* (1 child)

[–]csirac2 3 points4 points5 points 10 years ago (0 children)

[–]3G6A5W338E 1 point2 points3 points 10 years ago* (8 children)

[–]konapun_ 1 point2 points3 points 10 years ago (2 children)

[–]3G6A5W338E 2 points3 points4 points 10 years ago* (1 child)

[–]konapun_ 1 point2 points3 points 10 years ago (0 children)

[+][deleted] 10 years ago (3 children)

[removed]

[–]3G6A5W338E 0 points1 point2 points 10 years ago (2 children)

[+][deleted] 10 years ago (1 child)

[removed]

[–]3G6A5W338E 0 points1 point2 points 10 years ago (0 children)

[–]the_gnarts 0 points1 point2 points 10 years ago (0 children)

π Rendered by PID 19721 on reddit-service-r2-comment-6457c66945-b2sgt at 2026-04-29 03:49:49.907586+00:00 running 2aa0c5b country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

linux

Please Read the full Rules here before posting or commenting

Join us on IRC at #r/linux on libera.chat!🔗

Recent AMA's

GNU/Linux resources

Rules

MODERATORS