Security Leftovers

Filed under
Security
  • Security updates for Tuesday [LWN.net]

    Security updates have been issued by CentOS (java-11-openjdk), Debian (aide, apr, ipython, openjdk-11, qt4-x11, and strongswan), Fedora (binaryen and rust), Mageia (expat, htmldoc, libreswan, mysql-connector-c++, phpmyadmin, python-celery, python-numpy, and webkit2), openSUSE (kernel and virtualbox), Red Hat (etcd, libreswan, nodejs:14, OpenJDK 11.0.14, OpenJDK 17.0.2, and rpm), Slackware (expat), SUSE (java-1_7_1-ibm, kernel, and zxing-cpp), and Ubuntu (strongswan).

  • Linux kernel bug can let hackers escape Kubernetes containers [Ed: Kubernetes and containers do not mean Linux kernel, but when a site is determined to boost Microsoft everything will always be blamed on "Linux"]

    A vulnerability affecting the Linux kernel and tracked as CVE-2022-0185 can be used to escape containers in Kubernetes, giving access to resources on the host system.

  • Major Linux PolicyKit security vulnerability uncovered: Pwnkit | ZDNet

    If it's not one thing, it's another. After one real Linux problem -- the heap overflow bug in the Linux kernel's fs/fs_context.c program -- is found and fixed, then a new security problem is discovered. This time security company Qualys has uncovered a truly dangerous memory corruption vulnerability in polkit's pkexec, CVE-2021-4034.

    Polkit, formerly known as PolicyKit, is a systemd SUID-root program. It's installed by default in every major Linux distribution.

Systemd security

  • A new Polkit vulnerability

    Qualys has announced the disclosure of a local-root vulnerability in Polkit. They are calling it "PwnKit" and have even provided a proof-of-concept video.

Microsoft boosters are calling systemd "Linux"

"Linux" vuln

Two more

A Polkit Vulnerability Gives Root on All Major Linux Distros

  • A Polkit Vulnerability Gives Root on All Major Linux Distros

    A 12-year-old security vulnerability has been disclosed in the Linux system utility Polkit that grants attackers root privileges.

    Previously called PolicyKit, Polkit manages system-wide privileges in Linux. It provides a mechanism for nonprivileged processes to safely interact with privileged processes and it’s installed by default in every major Linux distribution.

    Yesterday, researchers from Qualys published an advisory about a local privilege escalation vulnerability in the pkexec tool, which is installed as part of Polkit. The pkexec tool, which is a command line tool, is used to define which authorized user can execute a program as another user.

Dan Goodin

Bryan Cockfield

  • Major Bug Grants Root For All Major Linux Distributions | Hackaday

    One of the major reasons behind choosing Linux as an operating system is that it’s much more secure than Windows. There are plenty of reasons for this, including appropriate user permissions, installing software from trusted sources and, of course, the fact that most software for Linux, including the Linux kernel itself, is open source, which allows anyone to review the code for vulnerabilities. This doesn’t mean that Linux is perfectly secure though, as researchers recently found a major bug in most major Linux distributions that allows anyone to run code as the root user.

Duo

SiliconANGLE

SoylentNews

Easily Exploitable Linux Flaw Exposes All Distributions: Qualys

  • Easily Exploitable Linux Flaw Exposes All Distributions: Qualys | eSecurityPlanet

    An easily exploited flaw in a program found in every major Linux distribution is the latest serious security issue that has arisen in the open-source space in recent weeks.

    Researchers at cybersecurity vendor Qualys this week disclosed the memory corruption vulnerability in polkit’s pkexec, which if exploited by a bad actor can enable an unprivileged user to gain full root privileges on a system, giving the unprivileged user administrative rights.

    The vulnerability, tracked as CVE-2021-4034, has “been hiding in plain sight” for more than 12 years and infects all versions of polkit’s pkexec since it was first developed in 2009, Bharat Jogi, director of vulnerability and threat research at Qualys, wrote in a blog post.

    Polkit’s (formerly PolicyKit) pkexec is a component used to control system-wide privileges in Unix-like operating systems, enabling non-privileged processes to communicate with privileged processes in an organized fashion. It also can be used to execute commands with elevated privileges using the command pkexec followed by the command intended to be executed with root permission.

Lawrence Abrams, a Microsoft booster, framing a VMware...

  • Linux version of LockBit ransomware targets VMware ESXi servers
    [Ed: Lawrence Abrams, a Microsoft booster, framing a VMware issue as "Linux"]

    LockBit is the latest ransomware gang whose Linux encryptor has been discovered to be focusing on the encryption of VMware ESXi virtual machines.

    [...]

    While ESXi is not strictly Linux, it does share many of its characteristics, including the ability to run ELF64 Linux executables.
