Found, NSA backdoor into Linux Kernel

[NSA_Dontspyoneme]

Is 3.16.0-38 affected?

BS or real??? ----- http://www.wired.com/2016/01/hack-brief ... linux-bug/

Hack Brief: Years-Old Linux Bug Exposes Millions of Devices

An Israeli security research firm has come forward with a troubling discovery. A zero-day vulnerability in the Linux kernel has left “tens of millions” of Linux PCs and servers exposed, along with 66 percent of Android phones and tablets. And it’s been there for nearly three years.
The Hack

In a blog post detailing the issue, Perception Point researchers say that problem stems from the Linux keyring facility, essentially a locker where apps can stash authentication and encryption keys, security data, and other sensitive info. The bug, outlined in more depth here but described as “fairly straightforward,” can ultimately allow an attacker to pose as a local user and gain root access to a device.

Who’s Affected?

In addition to the “tens of millions” of Linux PCs and servers running Linux Kernel version 3.8 and higher, because Android shares some code with Linux, the vulnerability affects any Android device running version 4.4 or later. As of January 4, that adds up to 69.4 percent of all Android devices, even more than the researchers estimated. Basically, if you’ve bought or upgraded your Android device within the last two years or so, that device is vulnerable.

[otacon14112]

I know the NSA helped create android; it's in the documentation for the android sdk. Android runs on a linux kernel. I don't know anything beyond that. Wouldn't surprise me, but I hope it's false, and if it is true, then I hope Linus Torvalds does something about it. I don't know if Linus still manages the kernel development, but if he does, then I don't know how he wouldn't have known about this.

[Pjotr]

Where does the NSA come in?

Anyway, upgrade your kernel to the latest witin its series and you should be fine.

[z31fanatic]

You don't mess you with America, we'll always know where you are and what you do.

[NSA_Dontspyoneme]

I know the NSA helped create android; it's in the documentation for the android sdk. Android runs on a linux kernel. I don't know anything beyond that. Wouldn't surprise me, but I hope it's false, and if it is true, then I hope Linus Torvalds does something about it. I don't know if Linus still manages the kernel development, but if he does, then I don't know how he wouldn't have known about this.

Linus Torvalds was quoted as saying the NSA came knocking at his door and wanted him to backdoor a bug into linux. He didnt say if he did or didnt.

[NSA_Dontspyoneme]

Where does the NSA come in?

Anyway, upgrade your kernel to the latest witin its series and you should be fine.

It affects kernel 3.8 and HIGHER, below is safe???

[Pjotr]

Where does the NSA come in?

Anyway, upgrade your kernel to the latest witin its series and you should be fine.

It affects kernel 3.8 and HIGHER, below is safe???

See: http://www.cyberciti.biz/faq/linux-cve- ... ility-fix/

So for the 3.13 kernel series, the 3.13.0-76 already contains the fix. The other kernel series (3.16, 3.19 and 4.2) probably also contain it in their latest versions. The response of the devs to things like this, is usually very fast.

[Moem]

Linus Torvalds was quoted as saying the NSA came knocking at his door and wanted him to backdoor a bug into linux. He didnt say if he did or didnt.

Interesting, do you have a source for that?

[Pjotr]

Linus Torvalds was quoted as saying the NSA came knocking at his door and wanted him to backdoor a bug into linux. He didnt say if he did or didnt.

Interesting, do you have a source for that?

https://www.youtube.com/watch?v=7gRsgkdfYJ8

Note that it's rather difficult to keep such a thing hidden in open source software....

[Cosmo.]

For those who prefer to read instead of watching videos: http://falkvinge.net/2013/11/17/nsa-ask ... -gnulinux/

Other sources say, that this is a misunderstanding and he was never been asked: http://mashable.com/2013/09/19/linus-to ... oor-linux/

[Moem]

Thank you so much Cosmo. I do prefer to read rather than to watch videos and I can't be the only one.

[Hoser Rob]

Where does the NSA come in?

Anyway, upgrade your kernel to the latest witin its series and you should be fine.

Agree 100% with that.

Though I don't 100% agree that things like this can't be hidden in open source software. Some of those encryption algorithms use very advanced math ... number theory et al. That stuff is so complex that bugs can hide for years. One recent one was 22 years old. It may be open source but hardly anyone can understand it.

[Habitual]

Is 3.16.0-38 affected?

BS or real??? ----- http://www.wired.com/2016/01/hack-brief ... linux-bug/
...
Who’s Affected?

In addition to the “tens of millions” of Linux PCs and servers running Linux Kernel version 3.8 and higher, because Android shares some code with Linux, the vulnerability affects any Android device running version 4.4 or later. As of January 4, that adds up to 69.4 percent of all Android devices, even more than the researchers estimated. Basically, if you’ve bought or upgraded your Android device within the last two years or so, that device is vulnerable.

I don't know what BS you're quoting, but I see this

Who’s Affected?

As far as Perception Point can tell, nobody so far.

at http://www.wired.com/2016/01/hack-brief ... linux-bug/
Date of Publication: 01.20.16. 01.20.16
Time of Publication: 10:16 am. 10:16 am

[NSA_Dontspyoneme]

Right.....

User to root exploit is no big deal. What could go wrong.

Here is the security teams detailed look into it. Not good!

http://perception-point.io/2016/01/14/a ... 2016-0728/


"In this write-up, we’ll discuss the technical details of the vulnerability as well as the techniques used to achieve kernel code execution using the vulnerability. Ultimately, the PoC provided successfully escalates privileges from a local user to root."

http://perception-point.io/wp-content/u ... xample.png

Is 3.16.0-38 affected?

BS or real??? ----- http://www.wired.com/2016/01/hack-brief ... linux-bug/
...
Who’s Affected?

In addition to the “tens of millions” of Linux PCs and servers running Linux Kernel version 3.8 and higher, because Android shares some code with Linux, the vulnerability affects any Android device running version 4.4 or later. As of January 4, that adds up to 69.4 percent of all Android devices, even more than the researchers estimated. Basically, if you’ve bought or upgraded your Android device within the last two years or so, that device is vulnerable.

I don't know what BS you're quoting, but I see this

Who’s Affected?

As far as Perception Point can tell, nobody so far.

at http://www.wired.com/2016/01/hack-brief ... linux-bug/
Date of Publication: 01.20.16. 01.20.16
Time of Publication: 10:16 am. 10:16 am

[GreyGeek]

Right.....

User to root exploit is no big deal. What could go wrong.

Here is the security teams detailed look into it. Not good!

"... Ultimately, the PoC provided successfully escalates privileges from a local user to root"

Notice that it is a "local user" exploit, not one that is remotely accessible. If a bad guy already has access to your home account then you have worse problems than this exploit!

[d00med]

The article has nothing to do with the NSA. OP is a troll spreading FUD. His account was made today just to post this misinformation.

Linus Torvalds was quoted as saying the NSA came knocking at his door and wanted him to backdoor a bug into linux. He didnt say if he did or didnt.

Interesting, do you have a source for that?

https://www.youtube.com/watch?v=7gRsgkdfYJ8

Note that it's rather difficult to keep such a thing hidden in open source software....

You think that's a source? He was clearly joking.

[Habitual]

http://mashable.com/2013/09/19/linus-to ... oor-linux/

[altair4]

Between the NSA, human DNA manipulation from space aliens, and systemd what's a fella to do?

[Habitual]

Between the NSA, human DNA manipulation from space aliens, and systemd what's a fella to do?

Muldur and Scully are on the case.

[gunvolt]

This is not a backdoor, it is a long-standing bug. It is totally impractical to exploit, taking hours on high-end hardware.