Linux Kernel 2.2 Local Root Vulnerability Published
Saw this over at SNN
A vulnerability has been discovered in all versions of the Linux 2.2 kernel up to and including 2.2.18. The vulnerability is caused by a kernel race condition involving the ptrace and execve functions. The vulnerability allows a non-privileged user to gain root access on an affected system by executing any setuid root binary. An attacker must have shell access on the target machine to use the published exploit. In the tradition of Linux kernel security vulnerabilities, this bug can be exploited with relative ease and yields complete ownership of the target machine. If you have a Linux system running a 2.2 kernel, now is the time to upgrade.