A great disturbance in the cyberspace, as if millions of sysadmins suddenly cried out in terror.
  • Treczoks@lemmy.worldEnglish
    1·
    1 小时前

    This and the others will probably be fixed as fast as usual, and the NSA, the CIA, and their Chinese, Russian, and whatever counterparts will have one less exploit in their arsenals.

    • degenerate_neutron_matter@fedia.io
      13·
      20 小时前

      It’s a big problem for multi-user servers where some users aren’t supposed to have root access. For example, my university has several student-accessible servers, and they all seem to be currently vulnerable to the exploit. A malicious student could cause quite a lot of damage.

      • carrylex@lemmy.worldEnglish
        29·
        18 小时前

        Not sure why one would use a multi-(Linux)-user server nowadays. Everything runs either via network (e.g. WebDav) or there are dedicated, isolated VMs on that server for exactly the above stated reason.

  • Azzu@lemmy.dbzer0.comEnglish
    33·
    24 小时前

    “No patches available” might’ve been true at time of writing (and might still be true for old kernels, idk), but kernel 7.0.4, released yesterday, is already fixed.

  • bookmeat@fedinsfw.appEnglish
    11·
    24 小时前

    It bothers me that the test for this vulnerability is a link to some random repo online with arbitrary code and no one is batting an eye.

  • Nighed@feddit.ukEnglish
    13·
    1 天前

    What is the exploit case? It says it’s IPsec stuff?

    Is it therefore remotely exploitable, or does it need a local user?

    Are routers at risk?

    • grainfed@quokk.auEnglish
      27·
      1 天前

      “any local user can instantly get root (administrator) access on an affected box, just by running a small program” quote from the short article. So it seems home computers are safe.

  • FreedomAdvocate@lemmy.net.auEnglish
    637·
    1 天前

    And yesterday people were making fun of Microsoft for logged in users being able to see their browser passwords 🤣

    • pastermil@sh.itjust.worksEnglish
      28·
      1 天前

      Where does it say in the article?

      Even if it’s true, wouldn’t it be a good thing, since it probably wouldn’t be found otherwise?

      • bulwark@lemmy.worldEnglish
        732·
        1 天前

        Short answer, nothing. Long answer, Mcafee, Norton, Kaspersky, etc. all have divisions devoted to creating viruses to keep the rest of the company profitable. Microslop has been increasingly desperate recently as they hemorrhage users. They have always been a deeply dishonest company dating back to the 90’s and IP theft over GUI. I suspect they might be behind the recent push to scare the public of “the dangers” of open source and think of the kids I.D. checks.

        • fartsparkles@lemmy.worldEnglish
          342·
          1 天前

          To everyone who isn’t wrapping themselves in aluminum, these companies don’t have teams writing viruses. This has been regurgitated around since the 90s and it’s hilariously false.

          • jimmy90@lemmy.worldEnglish
            49·
            1 天前

            see now when the jews invented capitalism with the catholics and were supressing mans natural instinct for communal living

            ummm ummm

            you know it all started there

            we just need to go back to hegel and marx and that and lenin too

            ok bye

            • FreedomAdvocate@lemmy.net.auEnglish
              1·
              13 小时前

              Why would they be desperate while their stock price keeps breaking all time highs?

              Microsoft makes basically nothing from windows in the grand scheme of things already.

            • AnyOldName3@lemmy.worldEnglish
              7·
              1 天前

              The stock price can mean they don’t care about hemorrhaging users. Windows is far from the main thing Microsoft makes money from.

    • ThyTTY@lemmy.worldEnglish
      88·
      1 天前

      Because they want to discourage users and governments from switching to Linux