The officially official Devuan Forum!

You are not logged in.

#1 2023-10-05 02:40:38

Altoid
Member
Registered: 2017-05-07
Posts: 1,581  

Linux security hole - The Register

Hello:

This appeared on The Register tonight:

-----------------------------------------------------------------------------------------------------

Make-me-root 'Looney Tunables' security hole on Linux needs your attention
By Thomas Claburn - Wed 4 Oct 2023 // 21:27 UTC
https://www.theregister.com/2023/10/04/ … ables_bug/

-----------------------------------------------------------------------------------------------------

Thomas Claburn wrote:

... a security hole that can be fairly easily exploited by rogue users, intruders, and malicious software to gain root access ...
... a buffer overflow vulnerability in the GNU C Library's handling of an environmental variable ...
... arises from the GNU C Library's dynamic loader (ld.so) mishandling of the GLIBC_TUNABLES environmental variable.

As usual. we'll see a patch/fix in no time at all.

Best,

A.

Offline

#2 2023-10-05 11:48:25

boughtonp
Member
From: UK
Registered: 2023-01-19
Posts: 212  
Website

Re: Linux security hole - The Register

Altoid wrote:

As usual. we'll see a patch/fix in no time at all.

The patch was already released through the security repos a day before the article.


3.1415P265E589T932E846R64338

Offline

#3 2023-10-05 13:09:48

Altoid
Member
Registered: 2017-05-07
Posts: 1,581  

Re: Linux security hole - The Register

Hello:

boughtonp wrote:

... already released through the security repos a day before the article.

See?
No time at all.  8^P

Cheers,

A.

Offline

Board footer