New/old threat you need to be aware of.

kc1di

Well-Known Member
Joined
May 14, 2021
Messages
972
Reaction score
821
Credits
6,923
There was another security alert yesterday. See here for details. But this could be a very bad one and I may be looking to find a distro without Systemd after all.
Just be careful and be informed.
 


OP
kc1di

kc1di

Well-Known Member
Joined
May 14, 2021
Messages
972
Reaction score
821
Credits
6,923
Update Mint sent out a patch for this yesterday. Not sure if Ubuntu patched it yet. But keep your systems up to date.
 

Lord Boltar

Well-Known Member
Joined
Nov 24, 2020
Messages
1,646
Reaction score
1,082
Credits
12,268
An attacker can exploit a vulnerability in Polkit’s pkexec component, tracked as CVE-2021-4034, that affects all major Linux distributions to gain full root privileges on the system. The good news is that this issue is not remotely exploitable, but if an attacker can log in as any unprivileged user, it can allow to gain root privileges.

 

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,547
Reaction score
1,695
Credits
19,124
got my update at 8-04 gmt this morning
 

craigevil

Well-Known Member
Joined
Feb 24, 2021
Messages
361
Reaction score
362
Credits
2,494
Updated on Debian Sid.
 

smooth_buddha

Active Member
Joined
Feb 13, 2020
Messages
362
Reaction score
244
Credits
1,648
There was another security alert yesterday. See here for details. But this could be a very bad one and I may be looking to find a distro without Systemd after all.
Just be careful and be informed.
Just think of vulnerabilities we still dont know about. In the security industry they call these "zero day vulnerabilities".
For as long as humans write code there will always be bugs and vulnerabilities. The threat will always be ongoing, in general linux users are much safer than windows or mac users but the threat to security still remains
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
4,600
Reaction score
3,301
Credits
33,364
in general linux users are much safer than windows or mac users but the threat to security still remains
LOL a privilege escalation vulnerability doesn't make any os safer than the other, just be thankfull it isn't a remote executable one.
 
Last edited:

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
6,116
Reaction score
5,496
Credits
49,278
Just think of vulnerabilities we still dont know about.

Fortunately, most Linux vulnerabilities require a great deal of effort to exploit them. Like, this one requires you access a user account - be it local or remote. If you can remotely access with a regular user account you could use this vulnerability, but these things already require access to the machine.

For the most part, Linux exploits require user action to be dangerous.

As I say with some regularity, "Malware exists for Linux. Just don't install it."
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Top