Linux Kernel hacked
By Sumir Singh

Kernel.org, which is the primary site for the Linux kernel source, has been the victim of a sophisticated hack.

Kernel.org has gone public with what happened

“
- Intruders gained root access on the server Hera. We believe they may have gained this access via a compromised user credential; how they managed to exploit that to root access is currently unknown and is being investigated.
- Files belonging to ssh (openssh, openssh-server and openssh-clients) were modified and running live.
- A trojan startup file was added to the system start up scripts
- User interactions were logged, as well as some exploit code. We have retained this for now.
- Trojan initially discovered due to the Xnest /dev/mem error message w/o Xnest installed; have been seen on other systems. It is unclear if systems that exhibit this message are susceptible, compromised or not. If developers see this, and you don't have Xnest installed, please investigate.
- It *appears* that 3.1-rc2 might have blocked the exploit injector, we don't know if this is intentional or a side affect of another bugfix or change.
“