(OLD) (ARCHIVED) Puppy Linux Discussion Forum Forum Index (OLD) (ARCHIVED) Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info

This forum can also be accessed as http://oldforum.puppylinux.com
It is now read-only and serves only as archives.

Please register over the NEW forum
https://forum.puppylinux.com
and continue your work there. Thank you.

 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups    
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 19 Jan 2021, 05:15
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Many Millions of Linux are affected by this security hole
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies. View previous topic :: View next topic
Page 1 of 4 [57 Posts]   Goto page: 1, 2, 3, 4 Next
Author Message
gcmartin

Joined: 14 Oct 2005
Posts: 6730
Location: Earth

PostPosted: Wed 20 Jan 2016, 02:58    Post subject:  Many Millions of Linux are affected by this security hole  

Reported yesterday.
_________________
Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Engines or use DogPile
Back to top
View user's profile Send private message 
eric52


Joined: 16 Nov 2015
Posts: 252
Location: Southbury, CT

PostPosted: Wed 20 Jan 2016, 13:24    Post subject:  

Thanks GCM, I'm glad I never gave in to the temptation to bank online.
_________________
Today only. Anger not. Worry not. Be grateful working karma. Be kind.
Back to top
View user's profile Send private message 
Scooby

Joined: 03 Mar 2012
Posts: 601

PostPosted: Wed 20 Jan 2016, 15:01    Post subject:  

I tried the reported kernel vulnerability.

Took the addresses from system.map for my kernel
version 4.1.6 for prepare_kernel_cred and commit_creds

It took 37 min to complete

Code:
$ ./cve_2016_0728 PP_KEY
uid=1000, euid=1000
Increfing...
finished increfing
forking...
finished forking
caling revoke...
uid=1000, euid=1000
$ id -u
1000
$ id -un
alpha


I am still not root at the end?

Maybe a bit overestimated this bug?

I couldn't reproduce?

posted at their site about it too but seems like they deleted it?
perhaps they just want publicity?

Last edited by Scooby on Wed 20 Jan 2016, 15:50; edited 1 time in total
Back to top
View user's profile Send private message 
Ted Dog


Joined: 13 Sep 2005
Posts: 4013
Location: Heart of Texas

PostPosted: Wed 20 Jan 2016, 15:25    Post subject:  

eric52 wrote:
Thanks GCM, I'm glad I never gave in to the temptation to bank online.


I worked at a top three security documents company and transfer programs between investment group banking and Federal Reserve.. I also do NOT do online banking. There is solid active involvement realtime to stop those problems but I only saw it at the intrabank level Wink
Back to top
View user's profile Send private message 
gcmartin

Joined: 14 Oct 2005
Posts: 6730
Location: Earth

PostPosted: Wed 20 Jan 2016, 16:14    Post subject:  

Hello all. @Scooby, the "Security" is an Industry unto itself.

Some of the recent years finds are a discovery disclosure for which there have been no known exploits. It does gather our attentions. I have often wondered if its about tooting their own horns or if intending to invite exploit attempts or to make exploiters aware of "open doors" so that they can say "I told you so".

In Corporate meetings over the many years, the Security people use tactics to get financing from top management. I understand that they have a job to do and to protect. This is done in showing value to the organization in some cases. At fiscal end, their report of thwarting potential exploits allows their budgets to remain.

This is NOT always the case, but, raising worldwide awareness of a bug that has no history of exploits make you wonder why it just wasn't closed without the fanfare.

FYI

Last edited by gcmartin on Wed 20 Jan 2016, 16:24; edited 1 time in total
Back to top
View user's profile Send private message 
rufwoof


Joined: 24 Feb 2014
Posts: 3725

PostPosted: Wed 20 Jan 2016, 16:22    Post subject:  

Quote:
Vulnerability allows restricted users and apps to gain unfettered root access

For Puppy where users run as root anyway ... users gaining access to root isn't a vulnerability ... its a feature. Therefore only if you're running servers is this a issue, otherwise just count it as anti-Linux noise.

_________________
( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 2190
Location: N.E. USA

PostPosted: Wed 20 Jan 2016, 16:24    Post subject:  

It would appear that one must not be root at the start of the test.
One then becomes root at the end if the bug is present.

_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
Back to top
View user's profile Send private message 
greengeek


Joined: 20 Jul 2010
Posts: 5834
Location: Republic of Novo Zelande

PostPosted: Thu 21 Jan 2016, 02:59    Post subject:  

Quote:
The flaw, which was introduced into the Linux kernel in version 3.8 released in early 2013, resides in the OS keyring
Ha! another reason to stick with Slacko 5.6
Everything after that uses kernels that are well penetrated.
Back to top
View user's profile Send private message 
Daleb

Joined: 21 Jan 2016
Posts: 33

PostPosted: Thu 21 Jan 2016, 06:03    Post subject:  

user jamesbond says this is a troll story

http://www.murga-linux.com/puppy/viewtopic.php?p=883124#883124
Back to top
View user's profile Send private message 
jamesbond

Joined: 26 Feb 2007
Posts: 3475
Location: The Blue Marble

PostPosted: Thu 21 Jan 2016, 06:34    Post subject:  

Daleb wrote:
user jamesbond says this is a troll story

http://www.murga-linux.com/puppy/viewtopic.php?p=883124#883124


You must have something wrong on your head Bindee. I did not say that this thread is a troll story; I am saying that you --> "DALEB" <-- is a troll, another sockpuppet from the troll Bindee.

Your first two posts after you registered is:
a) Is Fatdog64 Contributed thread infested with RATs?
b) The just released Fatdog64 702rc has a compromised kernel.
Yet, you are not a Fatdog64 user nor a Puppy user. So why should you care?

You, sir, is a troll. Your presence here in this forum is a disservice to all. You do not belong here. Now go back to where you came from, troll! Evil or Very Mad

_________________
Fatdog64 forum links: Latest version | Contributed packages | ISO builder
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 3108

PostPosted: Thu 21 Jan 2016, 08:55    Post subject:  

Would be nice if people bather to look past the headlines and look a bit further.
Quote:
It’s pretty bad because a user with legitimate or lower privileges can gain root access and compromise the whole machine
...
an attacker would require local access to exploit the vulnerability on a Linux server

Puppy runs as root.
Puppy is NOT multi-user.
Puppy (usually) is not a server.
So, yes this is a kernel bug that can affect servers and multiuser machines given that someone has local access to it.
If someone has local access to your puppy I do not think will require any bug exploit.

Regarding Android, the user must install the malicious app (none know yet)...

_________________
== Here is how to solve your Linux problems fast ==
Back to top
View user's profile Send private message 
6502coder


Joined: 23 Mar 2009
Posts: 682
Location: Western United States

PostPosted: Thu 21 Jan 2016, 19:58    Post subject:  

Much ado about not a lot, according to ZDNet:

http://www.zdnet.com/article/how-to-fix-the-latest-linux-and-android-zero-day-flaw
Back to top
View user's profile Send private message 
gcmartin

Joined: 14 Oct 2005
Posts: 6730
Location: Earth

PostPosted: Thu 21 Jan 2016, 22:09    Post subject:  

Thanks @6502Coder. The article drives home what I shared earlier.
_________________
Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Engines or use DogPile
Back to top
View user's profile Send private message 
Scooby

Joined: 03 Mar 2012
Posts: 601

PostPosted: Fri 22 Jan 2016, 16:19    Post subject:  

6502coder wrote:
Much ado about not a lot, according to ZDNet:

http://www.zdnet.com/article/how-to-fix-the-latest-linux-and-android-zero-day-flaw


Okay what I gained from reading the link is that my test to elevate
privileges on kernel 4.1.6 is beause SMEP or SMAP is activated.

SMEP and SMAP seems to be activated by default if CPU supports it?

I cannot however to find any command to check if SMEP or SMAP
is activated for my booted kernel?

Does anyone know?

*EDIT*
Saw some mention that this could verify SMEP
Code:

cat /proc/cpu | grep smep


also to see if kernel supports SMAP

Code:
> zgrep X86_SMAP /proc/config.gz
CONFIG_X86_SMAP=y


When searching for SMEP and SMAP with my cpu it seems I have neither


So why does the exploit fail?

.
Back to top
View user's profile Send private message 
starhawk

Joined: 22 Nov 2010
Posts: 5056
Location: Everybody knows this is nowhere...

PostPosted: Fri 22 Jan 2016, 17:04    Post subject:  

mavrothal wrote:
Would be nice if people bather to look past the headlines and look a bit further.
Quote:
It’s pretty bad because a user with legitimate or lower privileges can gain root access and compromise the whole machine
...
an attacker would require local access to exploit the vulnerability on a Linux server

Puppy runs as root.
Puppy is NOT multi-user.
Puppy (usually) is not a server.
So, yes this is a kernel bug that can affect servers and multiuser machines given that someone has local access to it.
If someone has local access to your puppy I do not think will require any bug exploit.

Regarding Android, the user must install the malicious app (none know yet)...


Well put indeed. This is FUD at best... as are most of these supposed 'exploits' or 'flaws'. Linux is about 95+% secure from this crap (assuming you don't run WINE) -- not by design, but because nobody of consequence in any position to create an exploit like that actually cares about Linux anything anywhere. It is wasted time and productivity better spent elsewhere. The few exceptions to this rule (Wikipedia has a page on them) are not really worth mentioning -- a double handful (maybe) of abortive efforts, all at least five years out of date (and I want to say more like fifteen for most). A goodly percentage aren't even in circulation anymore as I understand it. They have been completely eradicated.

Viruses, worms, trojans, etc are about MONEY, just like everything else in this world. Money, and want of it, and greed over it. Think of all the fake antivirus crap that Windows users get, begging them to install backdoor-laden programs that just spew out more of the same. Look at Cryptolocker and its ilk. Not to mention that "FBI" virus that had people mail prepaid Wal*Mart cards to strange addresses. Yes, all of those actually WORKED, at least enough to satisfy their creators.

There is no meaningful market for that trash here on Linux, and there never has been, because not enough people are willing to move here from The Dark Side to make it worthwhile. (Perhaps we should be thankful, particularly given the state of modern computer education...) If M$ ever goes under *and* people don't just shuffle over to That Fruit Company and get their daily dose of bloated disposable crapware from there, then we might at that point have something to talk about.

In the meantime, Shakespeare said it best. "Much ado about nothing." A statement particularly true, in this case, of Puppy Linux as a whole.

_________________

Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 4 [57 Posts]   Goto page: 1, 2, 3, 4 Next
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies. View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.6448s ][ Queries: 13 (0.5234s) ][ GZIP on ]