Security Leftovers

  • Security updates for Tuesday [LWN.net]

    Security updates have been issued by CentOS (java-11-openjdk), Debian (aide, apr, ipython, openjdk-11, qt4-x11, and strongswan), Fedora (binaryen and rust), Mageia (expat, htmldoc, libreswan, mysql-connector-c++, phpmyadmin, python-celery, python-numpy, and webkit2), openSUSE (kernel and virtualbox), Red Hat (etcd, libreswan, nodejs:14, OpenJDK 11.0.14, OpenJDK 17.0.2, and rpm), Slackware (expat), SUSE (java-1_7_1-ibm, kernel, and zxing-cpp), and Ubuntu (strongswan).

  • Linux kernel bug can let hackers escape Kubernetes containers [Ed: Kubernetes and containers do not mean Linux kernel, but when a site is determined to boost Microsoft everything will always be blamed on "Linux"]

    A vulnerability affecting Linux kernel and tracked as CVE-2022-0185 can be used to escape containers in Kubernetes, giving access to resources on the host system.

  • Major Linux PolicyKit security vulnerability uncovered: Pwnkit | ZDNet

    If it's not one thing, it's another. After one real Linux problem -- the heap overflow bug in the Linux kernel's fs/fs_context.c program -- is found and fixed, then a new security problem is discovered. This time security company Qualys has uncovered a truly dangerous memory corruption vulnerability in polkit's pkexec, CVE-2021-4034.

    Polkit, formerly known as PolicyKit, is a systemd SUID-root program. It's installed by default in every major Linux distribution.

Systemd security

  • A new Polkit vulnerability

    Qualys has announced the disclosure of a local-root vulnerability in Polkit. They are calling it "PwnKit" and have even provided a proof-of-concept video.

Microsoft boosters are calling systemd "Linux"

"Linux" vuln

Two more

A Polkit Vulnerability Gives Root on All Major Linux Distros

  • A Polkit Vulnerability Gives Root on All Major Linux Distros

    A 12-year-old security vulnerability has been disclosed in Linux’s system utility Polkit that grants attackers root privileges.

    Previously called PolicyKit, Polkit manages system-wide privileges in Linux. It provides a mechanism for nonprivileged processes to safely interact with privileged processes and it’s installed by default in every major Linux distribution.

    Yesterday, researchers from Qualys published an advisory about a local privilege escalation vulnerability in the pkexec tool, which is installed as part of Polkit. The pkexec tool, which is a command line tool, is used to define which authorized user can execute a program as another user.

Dan Goodin

Bryan Cockfield

  • Major Bug Grants Root For All Major Linux Distributions | Hackaday

    One of the major reasons behind choosing Linux as an operating system is that it’s much more secure than Windows. There are plenty of reasons for this including appropriate user permissions, installing software from trusted sources and, of course, the fact that most software for Linux including the Linux kernel itself is open source which allows anyone to review the code for vulnerabilities. This doesn’t mean that Linux is perfectly secure though, as researchers recently found a major bug found in most major Linux distributions that allows anyone to run code as the root user.

Duo

SiliconANGLE

SoylentNews

Easily Exploitable Linux Flaw Exposes All Distributions: Qualys

  • Easily Exploitable Linux Flaw Exposes All Distributions: Qualys | eSecurityPlanet

    An easily exploited flaw in a program found in every major Linux distribution is the latest serious security issue that has arisen in the open-source space in recent weeks.

    Researchers at cybersecurity vendor Qualys this week disclosed the memory corruption vulnerability in polkit’s pkexec, which if exploited by a bad actor can enable an unprivileged user to gain full root privileges on a system, giving the unprivileged user administrative rights.

    The vulnerability, tracked as CVE-2021-4034, has “been hiding in plain sight” for more than 12 years and infects all versions of polkit’s pkexec since it was first developed in 2009, Bharat Jogi, director of vulnerability and threat research at Qualys, wrote in a blog post.

    Polkit’s (formerly PolicyKit) pkexec is a component used to control system-wide privileges in Unix-like operating systems, enabling non-privileged processes to communicate with privileged processes in an organized fashion. It also can be used to execute commands with elevated privileges using the command pkexec followed by the command intended to be executed with root permission.

Lawrence Abrams, a Microsoft booster, framing a VMware...

  • Linux version of LockBit ransomware targets VMware ESXi servers
    [Ed: Lawrence Abrams, a Microsoft booster, framing a VMware issue as "Linux"]

    LockBit is the latest ransomware gang whose Linux encryptor has been discovered to be focusing on the encryption of VMware ESXi virtual machines.

    [...]

    While ESXi is not strictly Linux, it does share many of its characteristics, including the ability to run ELF64 Linux executables.

