Linux news summer 2021

Linux Kernel Nixes IDE Support In the Latest 5.14 Release Candidate
https://www.tomshardware.com/news/linux-kernel-nixes-ide-support-in-the-latest-514-release-candidate

Linux founder Linus Torvalds recently posted an update on the Linux Kernel Mailing List announcing the arrival of Linux kernel version 5.14. Perhaps the biggest change is the removal of legacy support for Parallel ATA (PATA), also referred to as ATAm or IDE.

From now on, all IDE support will be based on libATA, a library used for providing support for ATA host controllers and devices. This change will shift away from in-kernel support, to a library that is implemented only when it’s needed.

THE LINUX KERNEL 5.14 AUDIO UPDATE
https://hackaday.com/2021/07/13/the-linux-kernel-5-14-audio-update/

Say hi to Microsoft’s own Linux: CBL-Mariner
https://www.zdnet.com/article/say-hi-to-microsofts-own-linux-cbl-mariner/

Microsoft has its own Linux distribution and, yes, you can download, install and run it. CBL-Mariner is not a Linux desktop. Like Azure Sphere, Microsoft’s first specialized Linux distro, which is used for securing edge computing services, it’s a server-side Linux.

Amazing isn’t it? Why the next thing you know Microsoft will let you run Windows applications on Linux! Oh, wait it has!

Two-for-Tuesday vulnerabilities send Windows and Linux users scrambling
Both OSes have flaws that allow attackers with a toehold to elevate access.
https://arstechnica.com/gadgets/2021/07/separate-eop-flaws-let-hackers-gain-full-control-of-windows-and-linux-systems/

Most versions of Linux, meanwhile, are in the process of distributing a fix for a vulnerability disclosed on Tuesday. CVE-2021-33909, as the security flaw is tracked, allows an untrusted user to gain unfettered system rights by creating, mounting, and deleting a deep directory structure with a total path length that exceeds 1GB and then opening and reading the /proc/self/mountinfo file.

The exploit Qualys described comes with significant overhead, specifically roughly 1 million nested directories. The attack also requires about 5GB of memory and 1 million inodes. Despite the hurdles, a Qualys representative described the PoC as “extremely reliable” and said it takes about three minutes to complete.

People running Linux should check with the distributor to determine if patches are available to fix the vulnerability.

Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)
https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/sequoia-a-local-privilege-escalation-vulnerability-in-linuxs-filesystem-layer-cve-2021-33909

Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Qualys security researchers have been able to independently verify the vulnerability, develop an exploit, and obtain full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation. Other Linux distributions are likely vulnerable and probably exploitable.

What versions are vulnerable?
All Linux kernel versions from 2014 onwards are vulnerable.

To completely fix this vulnerability, the kernel must be patched. There are some kernel settings that might make it harder to exploit while waiting for a fix.

linux

1 Comment

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*