Linux security hole - The Register

Altoid · 2023-10-05 02:40:38

Hello:

This appeared on The Register tonight:

-----------------------------------------------------------------------------------------------------

Make-me-root 'Looney Tunables' security hole on Linux needs your attention
By Thomas Claburn - Wed 4 Oct 2023 // 21:27 UTC
https://www.theregister.com/2023/10/04/ … ables_bug/

-----------------------------------------------------------------------------------------------------

Thomas Claburn wrote:

... a security hole that can be fairly easily exploited by rogue users, intruders, and malicious software to gain root access ...
... a buffer overflow vulnerability in the GNU C Library's handling of an environmental variable ...
... arises from the GNU C Library's dynamic loader (ld.so) mishandling of the GLIBC_TUNABLES environmental variable.

As usual. we'll see a patch/fix in no time at all.

Best,

A.

boughtonp · 2023-10-05 11:48:25

Altoid wrote:

As usual. we'll see a patch/fix in no time at all.

The patch was already released through the security repos a day before the article.

Altoid · 2023-10-05 13:09:48

Hello:

boughtonp wrote:

... already released through the security repos a day before the article.

See?
No time at all. 8^P

Cheers,

A.

The officially official Devuan Forum!

#1 2023-10-05 02:40:38

Linux security hole - The Register

#2 2023-10-05 11:48:25

Re: Linux security hole - The Register

#3 2023-10-05 13:09:48

Re: Linux security hole - The Register

Board footer