Registar

User Tag List

Likes Likes:  0
Página 2 de 2 PrimeiroPrimeiro 12
Resultados 16 a 18 de 18

Tópico: Linux Kernel

  1. #16
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Google Patches the Linux Kernel Exploit in Android, Believes Impact is Exaggerated

    A zero-day vulnerability in the Linux kernel was disclosed earlier this week by Perception Point and Red Hat. Google has now released the patch for Android Linux vulnerability, but doesn’t believe that many Android devices are at risk.

    Android Linux vulnerability patched, doesn’t affect many devices:

    Google has prepared a patch for Android addressing a Linux kernel vulnerability, but the tech giant believes that the number of affected devices is much smaller than initially reported. Perception Point who disclosed the vulnerability had claimed that 66% of Android devices were affected. “Linux bug imperils tens of millions of PCs, servers, and Android phones,” ArsTechnica had reported. Google’s Adrain Ludwig now says that the actual number of affected devices is much smaller. The exploit, dependent on CONFIG_KEYS, has been present in all Linux kernels since 3.8. However, the recommended configuration for the Android Linux has the CONFIG_KEYS disabled, making quite a fewer Android devices at risk.
    The exploit could be used by a hacker to gain root access of an Android device, but it requires a lot of processing time. Ludwig says that Android 5.0 and higher versions are safe thanks to SELinux which prevents third-party apps from interacting with the kernel. Moreover, he also says that Nexus devices are not affected. The risk then comes down to Android devices running on Android 4.4 and have CONFIG_KEYS enabled.
    Advertisements


    We believe that no Nexus devices are vulnerable to exploitation by 3rd party applications. Further, devices with Android 5.0 and above are protected, as the Android SELinux policy prevents 3rd party applications from reaching the affected code. Also, many devices running Android 4.4 and earlier do not contain the vulnerable code introduced in linux kernel 3.8, as those newer kernel versions not common on older Android devices. – Adrian Ludwig
    Perception Point claims that while SELinux is more difficult to exploit the vulnerability, however, the protection can still be bypassed.
    Google is investigating the issue to further determine the scale of the risk. The company has prepared the patch and released it to open source and partners today. The CVE-2016-0728 patch will be rolled out in the March security update.


    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  2. #17
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    GNU/Linux hit by glibc security vulnerability

    Researchers have discovered and patched a serious security vulnerability in glibc, a library bundled with most GNU/Linux distributions.

    Security teams from Google and Red Hat have warned of a serious vulnerability in the glibc library used by many GNU/Linux distributions, which can be used to attack servers through DNS resolution.

    Google's Online Security Blog announced the flaw last last night, having run into issues crashing an SSH client which were traced back to a flaw in glibc. Rather than simply causing instability, however, the team soon discovered a buffer overflow issue which could be exploited to run arbitrary code on a system through a malicious DNS query - though mitigated by protections elsewhere within the operating system, such as address space layout randomisation (ASLR).

    Google's security team wasn't alone in its investigation, however: two researchers at Linux vendor Red Hat had also found the flaw and begun their own investigation. Teaming up, the researchers were able to develop and test a patch for the issue which has now begun being distributed to clients. The ubiquity of Linux in embedded appliances, from network routers through to 'smart' lightbulbs, could make entirely eradicating the flaw difficult, however: vendors frequently treat the firmware of such devices as inviolate, rarely keeping package versions up-to-date.

    Interestingly, this isn't the first time the bug had been spotted. The project's bug tracker has an entry dating back to July 2015 for the same issue, but it was given a low importance as it was not believed to be security related - a mistake which the new patch has now rectified.

    In short, if you use Linux with the GNU packages: update glibc at your earliest convenience.
    Noticia:
    http://www.bit-tech.net/news/bits/20...ulnerability/1
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  3. #18
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Security Researchers At Red Hat And Google Warn Of Serious Linux Skeleton Key Vulnerability

    image: http://hothardware.com/ContentImages...nerability.jpg
    If you operate a Linux-based computer system, especially a server, here's something you will want to make sure you do if you haven't done so in the past week: update. Last week, researchers at Google and Red Hat jointly announced a severe vulnerability that plagues glibc, aka: GNU C Library, which virtually every Linux install will have. If you updated within the past week, you're likely safe, but if you're not sure you patched this particular bug, run the updater again just to double-check. As usual it's always better to be safe than sorry.

    “Essentially, through this flaw, attackers could remotely crash or even force the execution of malicious code on machines without the knowledge of the end user,” according to Red Hat’s security blog written by Gunnar Hellekson, Red Hat director of product management and Josh Bressers, Red Hat senior product manager for security. Red Hat rated the potential impact as Critical impact."

    When the vulnerability was unveiled, it seemed as though control of the DNS server would be required to exploit it. Now, the same researchers are joined by Dan Kaminsky, Chief Scientist of White Ops and others to show that the bug can actually be exploited independently of the DNS server, making it a much more severe bug than originally believed.
    Just how severe is this bug? Well-respected researcher Dan Kaminsky equates it to being like a "skeleton key of unknown strength." While there are few things that sound as cool as a "skeleton key," the implications here are downright scary. Kaminsky even likens this to being worse than Heartbleed, because that "tended to affect things we knew were on the network," whereas this "affects a universally used library at a universally used protocol."
    image: http://hothardware.com/ContentImages...c_universe.jpg

    Visualization of glibc's (dead center) relation to other Linux software in Ubuntu As notable as this bug is, the upside is that it can be patched right now, and with ease. All Linux distributions worth their weight in megabytes have already updated the patched glibc to their respective repositories, so for those manning Linux servers, this is as simple as updating the system - something that should be done on a very regular basis anyway.
    The big problem here, of course, is the fact that the number of affected systems is downright overwhelming. glibc is an integral part of Linux, so even home OSes are going to be impacted. Remember what we saw from Heartbleed? Months after it hit, there were still found to be hundreds of thousands of servers left vulnerable two months later.
    Either way, those who keep well in-tune with these issues are going to be the ones sporting the safest servers, and in turn are the ones keeping the companies they manage resources for safer than most others.


    Noticia:
    http://hothardware.com/news/security...KrwfBpUiYPR.99
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

 

 
Página 2 de 2 PrimeiroPrimeiro 12

Informação da Thread

Users Browsing this Thread

Estão neste momento 1 users a ver esta thread. (0 membros e 1 visitantes)

Bookmarks

Regras

  • Você Não Poderá criar novos Tópicos
  • Você Não Poderá colocar Respostas
  • Você Não Poderá colocar Anexos
  • Você Não Pode Editar os seus Posts
  •