Does anyone know if there is anything one as a user can do to mitigate this meanwhile it hopefully gets fixed from higher up?
Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems.
https://thehackernews.com/2019/01/linux ... ploit.html
[SOLVED by updates] New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 2 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
Hate to say it, I told you so, some might remember my post. I can hack in root and take control over Linux. I even showed packets in Wireshark showing the data being sent. This data was to my computer that used to gain root access. However most just trolled the post. Well now the trolls can read 'em and weep. You figured your data was not being sent out, I did tell you look into your logs and then run Wireshark see where that data was going. I discovered exactly where that was going.
Re: New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
root shell in 10 - 70 minutes
Researchers have successfully created proof-of-concept exploits, which they are planning to release in the near future.
"We developed an exploit for CVE-2018-16865 and CVE-2018-16866 that obtains a local root shell in 10 minutes on i386 and 70 minutes on amd64, on average," the researchers write in an advisory published Wednesday.
(at least that advisory has some good SoaD clips... grabbing popcorn)
Don't leave your seats now
Popcorn everywhere ...
-- System of a Down, "CUBErt"
Re: New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
hey gomer, how's goober, andy, aunt bee, and opie?
this is my systemd-journald...disabled that sucker a loooong time ago...don't need it, don't use it, and according to that article it's systemd-journald that they are trying to exploit from what i can see, and at that, they are still looking at it as a "proof of concept" from experts, not your average gomers, at this time...DAMIEN
damien@damien ~ $ systemctl status systemd-journald
● systemd-journald.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
damien@damien ~ $
Re: New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
philotux wrote: Thu Jan 10, 2019 12:03 pm
Does anyone know if there is anything one as a user can do to mitigate this meanwhile it hopefully gets fixed from higher up?
Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems.
https://thehackernews.com/2019/01/linux ... ploit.html
Gotta love the look on the penguin in your link. As for the CVE's, from this morning's updates:
systemd (237-3ubuntu10.11) bionic-security; urgency=medium
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866
  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series
 -- Chris Coulson <chris.coulson@canonical.com>  Wed, 09 Jan 2019 15:11:53 +0000
Re: New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
and.... the update to fix is arrived:
systemd (237-3ubuntu10.11) bionic-security; urgency=medium
(see your local trustworthy update manager for more info on this level 4 security update:)
ps @ greerd and philotux, totally agree- the 'Madagascar' (movie) penguins are the real deal, I've been searching for something to use from that collection as my avatar, always liked them!
edit to remove duplicated info from greerd last post
Re: New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
Thanks for the info about the updates. I am not on my Mint system at the moment, but I will surely apply them the moment I boot it up next time. I consider this one solved and mark it as such.
cheers,
philotux
Systemd issues found
Apparently there are three really ugly potential exploits found in Systemd: https://www.youtube.com/watch?v=3FnSbDbRv1o Could this affect us?
Re: Systemd issues found
This has already been fixed by updates:
viewtopic.php?f=61&t=285420
Re: Systemd issues found
There is no such thing as an exploit free OS, period, and Linux is actually pretty good at being secure relative to others. There's only one truly 100% reliable way to have a hack free computer. Buy the computer, take it home, and NEVER turn it on.
Don't worry so much. I've done some pretty cavalier things in Linux, like reinstall on my netbook when I was into distro/de hopping and forget to turn on the firewall. This is my netbook which I rarely use at home, just out at hotspot cafes. Never got hacked, and I would've in a millisecond if I'd been running Windows.
For every complex problem there is an answer that is clear, simple, and wrong - H. L. Mencken