Linux kernel flaw endangers millions of PCs, servers and Android devices

Discussion in 'all things UNIX' started by ronjor, Jan 19, 2016.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,721
    Location:
    Texas
     
  2. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    720
  3. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    And people still wonder why AV, BB, HIPS etc. are needed on Linux :(
     
  4. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    624
    Location:
    United States
    Not needed since this vulnerability is DOA when using a Grsec kernel.

    grsecurity KERNEXEC, hardware SMEP, PAX_REFCOUNT - all block this exploit.

    grsecurity @grsecurity 8 hours ago
    How can you not mention PAX_REFCOUNT when discussing this vuln that makes it DOA? http://perception-point.io/2016/01/...f-a-linux-kernel-vulnerability-cve-2016-0728/
     
    Last edited: Jan 19, 2016
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    No, this is not a reason to have av, bb, hips, etc.
    Mrk
     
  6. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    720
  7. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,963
    Location:
    Brasil
    This isn't an issue to be completely freaked out about. However, I would like to see Mr. Linus focusing more on security than performance. Kernel developers drive sports cars, so sponsors clearly can afford a few more developers to look into important parts of the kernel like this one.

    We shouldn't need Firejail or grsec to be protected against this; the kernel itself should already be better audited and armed to the teeth against 0-day exploits (in this case, a 3-year-old exploit).
     
  8. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    624
    Location:
    United States
    Grsecurity noted a big change a week ago that was signed off by Linus. He may be more and more pressured to put security at the forefront.

    grsecurity @grsecurity Jan 16
    This is a pretty drastic change: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84638335900f1995495838fe1bd4870c43ec1f67… What happened to that "don't break userland" rule?
     
  9. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,963
    Location:
    Brasil
    This is a good thing, regardless of whether it broke userland or not :p It's better to have a broken userland than an exploited one. With a broken userland, it's easy to patch things or to simply use an older kernel. With an exploited system, the admin may never know what the extent of the damage is.
     