New Linux kernel vulnerability

Linux@lemmy.ml – 84 points – 12 months ago

Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability

A discovered vulnerability for privilage escalation https://thehackernews.com/2023/07/researchers-uncover-new-linux-kernel.html?m=1

If system security is the most important criteria above everything else, switch to using BSD.

I think that's already patched

Why isn't this top comment lol

What I'd like to know is, how can I find out when these kernel patches came or will come to something like Ubuntu or CentOS or SLES?

Opencve.

Also, just hook up to yum and keep that test VM set updating daily.

EL has been so stable that I've had a good portion of the herd cron-yumming for about 20 years now. It's gone about 2% to shit since systemd and networkmangler and other useless fridge art, but it's still the easiest method to avoid 95% of problems.

You may not like the numbers, but 7 THOUSAND consecutive successful update runs is a decent enough track record for me. Make sure to needs-rebooting&&reboot on a decent schedule.

switch to using BSD

TempleOS has always been the answer, no vulnerabilities as it can't even connect to the internet

They hated him because he spoke the truth

Can't have a privilege escalation when there are no privileges, since every process runs in the same address space in ring 0.

Who needs the internet when you have a direct connection to His Kingdom.

It even has cool games!

it apparently has a Moses simulator or something like that

If system security is the most important criteria above everything else, switch to using BSD.

nice bait mate.

After reading this i immediately switched to BSD.

BSD boosterism is a meme, I know, but honestly this is the incorrect take.

Anything as large and complicated as a kernel has bugs. Some of those bugs may be security related. If security is your concern, you want to use the kernel which has people actively publishing those bugs so they can be patched.

The fact you haven't seen privilege escalation vulnerabilities in BSD isn't necessarily because they aren't there. We don't know that. What we do know is that not as many people are looking.

The fact you haven’t seen privilege escalation vulnerabilities in BSD isn’t necessarily because they aren’t there.

aka 'absence of proof isn't proof of absence'.

So you switch your OS every time a vulnerability is discovered in it? You'd run out of OSs really fast

That's the goal of OpenBSD, to prioritize security and actively find ways to crack or break OpenBSD in order to consistently harden it to the point that people at DEFCON conferences have given up trying to hack it due to being such a lengthy process each time only to fail.

If system security is the most important criteria above everything else, switch to using BSD.

Jingoism aside, anyone running enterprise Linux is also not affected.

So calm down. It's just the "concept car" versions affected, and your work shouldn't be calling you for anything.

Trippy. I was just tempted to make a post asking about how hard it would be in rust to make a program with high end security and privacy. I decided not to, but then starting to wonder if memory could be put onto the swap file and then edited, and they this post showed up. I thought clearly, without a doubt they would make the swap system near perfect and i shouldn't worry about that. haha