5-year-old hole in the Linux kernel patched
ali_deda_i_40_ajduka
(hit in the head)
19 August 2010 at 02.41
http://news.softpedia.com/news/Critical-Vulnerability-Silently-Patched-in-Linux-Kernel-152678.shtml

A 5-year-old hole in the Linux kernel has finally been patched.
God only knows what went on on Linux machines during those 5 years.

Critical Vulnerability Silently Patched in Linux Kernel

August 18th, 2010, 10:15 GMT | By Lucian Constantin

A highly dangerous privilege escalation vulnerability, which can allow an attacker to execute arbitrary code as root from any GUI application, has been patched in the Linux kernel.

The flaw was discovered by Rafal Wojtczuk, principal researcher at Invisible Things Lab (ITL), a security research company based in Poland.

According to Joanna Rutkowska, founder of ITL, the bug was discovered while Mr. Wojtczuk was working on GUI virtualization in Qubes OS, an operating system developed by the company, in which every application runs in a separate virtual machine.

"The attack allows a (unprivileged) user process that has access to the X server (so, any GUI application) to unconditionally escalate to root (but again, it doesn't take advantage of any bug in the X server!).

"In other words: any GUI application (think e.g. sandboxed PDF viewer), if compromised (e.g. via malicious PDF document) can bypass all the Linux fancy security mechanisms, and escalate to root, and compromise the whole system," Ms. Rutkowska explains in a post on the company's blog.

The attack and the vulnerability are described in more detail in a paper (PDF) entitled "Exploiting large memory management vulnerabilities in Xorg server running on Linux," authored by Rafal Wojtczuk and published yesterday.

The flaw affects both x86_32 and x86_64 platforms and was reported to the X.org security team on 17 June 2010.

It was eventually agreed that the issue needs to be addressed in the Linux kernel, which was apparently vulnerable to the attack since version 2.6 was originally released.

On 13 August, Linus Torvalds committed an initial fix, but several patches were added afterward for various reasons. The problem has been addressed in versions 2.6.27.52, 2.6.32.19, 2.6.34.4 and 2.6.35.2 of the kernel.

This is described in a Red Hat security advisory giving the bug a "high" severity rating. Judging by Joanna Rutkowska's malicious PDF example, there is a remote attack vector associated with this vulnerability, which has been assigned the CVE-2010-2240 ID.
ali_deda_i_40_ajduka
(hit in the head)
19 August 2010 at 04.24
[quote]
The attack allows a (unprivileged) user process that has access to the X server (so, any GUI application) to unconditionally escalate to root (but again, it doesn't take advantage of any bug in the X server!). In other words: any GUI application (think e.g. sandboxed PDF viewer), if compromised (e.g. via malicious PDF document) can bypass all the Linux fancy security mechanisms, and escalate to root, and compromise the whole system. The attack allows even to escape from the SELinux's "sandbox -X" jail. To make it worse, the attack has been possible for at least several years, most likely since the introduction of kernel 2.6.[/quote]

A disgrace;
this isn't a bug but a logical hole in the design of the Linux kernel, as old as kernel 2.6 itself.

So where is that line now: "when millions of eyes are looking at open source, all bugs get found quickly" ™

ali_deda_i_40_ajduka
(hit in the head)
19 August 2010 at 17.30
@Mostro,

Ubuntu has released a kernel patch; check whether yours have done the same.
Mostro
(junior member)
20 August 2010 at 04.18
No idea; nobody even knows how many holes there are in it, but it works and doesn't stop.
I've looked at that Mint 9 LXDE a couple of times and I'm thinking about switching to it; it has some bugs too, but it seems very fast to me even from the disc. It is based on Ubuntu and uses its repositories. The LXDE version takes up very little RAM and flies like Win 7, even on old computers.
They can show off all they like about finding bugs, but they haven't moved far from the old Mandrake 10.1. Sometimes I feel like putting it back to work :))
ali_deda_i_40_ajduka
(hit in the head)
20 August 2010 at 10.24
This isn't even an exploit any more; it's as if you left a house full of cash with all the doors and windows open, and now that it has been published it's as if you had also put up posters saying "come and get it, everyone". The kernel patch came out yesterday; it's up to you whether you patch or not.
Mostro
(junior member)
20 August 2010 at 15.43
Well, these guys have released a new distribution, 2010.7, and 2010.1 can't even be found for download any more. I have that 2010.1 installed, and I also have the new one on disc. Anyway, the upgrade is easy to do from Synaptic; I'll do it.
Their forum says: This is a bug fix update to fix an issue with some nvidia cards. (if that's what you were writing about?)
... New kernel: 2.6.33.5 bfs
Though I haven't heard of anyone having problems because of that hole.
ali_deda_i_40_ajduka
(hit in the head)
21 August 2010 at 05.22
That kernel patch has nothing to do with nVidia; it clearly says that all 2.6.x.x kernel versions have the hole. The first text above says everything about how that exploit works.
Mostro
(junior member)
21 August 2010 at 13.35
Well, not all of them, presumably just the ones they listed:

"The problem has been addressed in versions 2.6.27.52, 2.6.32.19, 2.6.34.4 and 2.6.35.2 of the kernel."

So kernel 2.6.33.5 bfs isn't there.
ali_deda_i_40_ajduka
(hit in the head)
21 August 2010 at 16.28
As far as I could tell at a glance, that kernel of yours, 2.6.33.5 bfs, has been modified; if there's no patch, then there's no hole either.