New/old threat you need to be aware of.

kc1di

Well-Known Member
Joined
May 14, 2021
Messages
916
Reaction score
775
Credits
6,521
There was another security alert yesterday. See here for details. But this could be a very bad one and I may be looking to find a distro without Systemd after all.
Just be careful and be informed.
 


OP
kc1di

kc1di

Well-Known Member
Joined
May 14, 2021
Messages
916
Reaction score
775
Credits
6,521
Update Mint sent out a patch for this yesterday. Not sure if Ubuntu patched it yet. But keep your systems up to date.
 

Lord Boltar

Well-Known Member
Joined
Nov 24, 2020
Messages
1,540
Reaction score
1,006
Credits
11,412
An attacker can exploit a vulnerability in Polkit’s pkexec component, tracked as CVE-2021-4034, that affects all major Linux distributions to gain full root privileges on the system. The good news is that this issue is not remotely exploitable, but if an attacker can log in as any unprivileged user, it can allow to gain root privileges.

 

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,395
Reaction score
1,614
Credits
17,992
got my update at 8-04 gmt this morning
 

craigevil

Well-Known Member
Joined
Feb 24, 2021
Messages
345
Reaction score
348
Credits
2,378
Updated on Debian Sid.
 

smooth_buddha

Active Member
Joined
Feb 13, 2020
Messages
362
Reaction score
244
Credits
1,648
There was another security alert yesterday. See here for details. But this could be a very bad one and I may be looking to find a distro without Systemd after all.
Just be careful and be informed.
Just think of vulnerabilities we still dont know about. In the security industry they call these "zero day vulnerabilities".
For as long as humans write code there will always be bugs and vulnerabilities. The threat will always be ongoing, in general linux users are much safer than windows or mac users but the threat to security still remains
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
4,490
Reaction score
3,199
Credits
32,582
in general linux users are much safer than windows or mac users but the threat to security still remains
LOL a privilege escalation vulnerability doesn't make any os safer than the other, just be thankfull it isn't a remote executable one.
 
Last edited:

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
5,808
Reaction score
5,260
Credits
46,883
Just think of vulnerabilities we still dont know about.

Fortunately, most Linux vulnerabilities require a great deal of effort to exploit them. Like, this one requires you access a user account - be it local or remote. If you can remotely access with a regular user account you could use this vulnerability, but these things already require access to the machine.

For the most part, Linux exploits require user action to be dangerous.

As I say with some regularity, "Malware exists for Linux. Just don't install it."
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Top