+- Linux Lite Forums (https://www.freecinema2022.gq/forums)
+-- Forum: General (https://www.freecinema2022.gq/forums/forumdisplay.php?fid=4)
+--- Forum: On Topic (https://www.freecinema2022.gq/forums/forumdisplay.php?fid=14)
+--- Thread: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 (/showthread.php?tid=2575)
Pages:
1
2
Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - tomt - 01-19-2016
Need to see this, and I thought we were fine without the need the need for an anti-virus program.
Linux kernel flaw threatens millions of PCs, servers, and Android devices _ PCWorld.html
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - firenice03 - 01-19-2016
(01-19-2016, 03:41 PM)tomt link Wrote: Need to see this, and I thought we were fine without the need the need for an anti-virus program.
Linux kernel flaw threatens millions of PCs, servers, and Android devices _ PCWorld.html
Adding a Link for folks:
http://www.pcworld.com/article/3023870/security/linux-kernel-flaw-endangers-millions-of-pcs-servers-and-android-devices.html
http://www.networkworld.com/article/3023866/linux-kernel-flaw-endangers-millions-of-pcs-servers-and-android-devices.html#tk.rss_security
It looks like per the article, affected Kernel is 3.8 and up... Guess its good that LL2.8 beta is at kernel 3.19??..??
But if folks have updated the kernel, they want to be informed..
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - avj - 01-19-2016
From the posted articles it appears that someone may have to have physical access to the computer. It also seems that it takes at least 30 minutes to pull off on a machine with Intel Core i7-5500 CPU, according to the detailed analysis found in the following link.
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - tomt - 01-19-2016
According to the PC article as I read it, it starts with kernel 3.8. "The Linux kernel is the core of all Linux-based operating systems, including Android. Its keyring facility provides a way for applications to store sensitive information such as authentication and encryption keys inside the kernel, where other user-space applications cannot access it." I did not see a mention that anything above that kernel would not be affected."According to them, the vulnerability was introduced in kernel version 3.8, released in Feb. 2013". I could be wrong but that is how I understand it to read. The fact that it is now appearing after all this time still supports my theory for the need to add an anti-virus protection to any distro. They also mentioned in the article that some kernels will be affected for quite some time.
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - avj - 01-19-2016
I may be wrong, but it looks to me that you should be OK as long as you only use the software in the regular repositories that come with the system. It is my opinion for the most part that this kind of threat comes into play when you download proprietary or some other unapproved software. Open source software allows peer review of the code and makes it much harder for an exploit to slip through.
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - Wirezfree - 01-19-2016
It's been there 3 years, and is there any evidence of this being exploited.??
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - Valtam - 01-19-2016
Kernel numbering folks:
3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13......
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - Valtam - 01-19-2016
POC for the geeks
https://gist.github.com/PerceptionPointTeam/18b1e86d1c0f8531ff8f
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
Testing this now on LL 2.8 Beta test box. Will report back with results.
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - tomt - 01-20-2016
After reading Perception Point it looks like 3.8 and up is vulnerable. If this has not been exploited before, you can bet the chances are good it will be now.
Re: Linux Kernel Privilege Escalation Flaw Vulnerabillity CVE-2016-0728 - Valtam - 01-20-2016
Got a segmentation fault when running it so not going to spend forever analyzing this, was just curious. Vuln requires physical access to your pc. So if you have a friend who's a wizard on the command line, keep him/her away from your pc
To update:
Code:
sudo apt-get install linux-image-3.13.0-76-generic linux-headers-3.13.0-76-genericReboot.
Lite Tweaks, Kernel Removal, remove all other 3.13 kernels.
Code:
linux (3.13.0-76.120) trusty; urgency=low
[ Upstream Kernel Changes ]
* KEYS: Fix keyring ref leak in join_session_keyring()
- LP: #1534887
- CVE-2016-0728
-- Luis Henriques <[email protected]> Mon, 18 Jan 2016 09:54:03 +0000