Advertising

Welcome to SparkyLinux forums
Zapraszamy również na polsko-języczne Forum https://forum.linuxiarze.pl

[SOLVED]The "Looney Tunables" exploit affects Sparky Linux

Started by jidan, October 07, 2023, 07:55:06 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

jidan

October 07, 2023, 07:55:06 PM Last Edit: October 24, 2023, 04:48:22 PM by jidan
Looney Tunables exploit can gain root shell in several linux distros including Debian 12 and 13. So, Sparky Linux is vulnerable too.
Download the python script:
https://haxx.in/files/gnu-acme.py
and run it:
Code Select
python3 gnu-acme.pyIn a Sparky Linux 7.1 installation:

jidan

#1
October 07, 2023, 10:03:48 PM Last Edit: October 07, 2023, 10:28:08 PM by jidan
The vulnerability is fixed in glibc 2.37+
In Debian stable (12) the latest version is 2.31-13+deb11u7 witch is vulnerable:
https://packages.debian.org/source/bullseye/glibc
In testing and sid it's 2.37-12, it must be fixed:
https://packages.debian.org/source/trixie/glibc

So MAYBE it can be fixed by updating the package from the sid repos.

jidan

#2
October 08, 2023, 12:43:51 AM
No need to use unstable repos. Debian announced a bug fix for glibc v 2.36-9+deb12u3.

AxL

#3
October 08, 2023, 01:11:45 AM
Learn to read a little and stop spouting FUD and bullshit:

  • security-tracker.debian.org - Information on source package glibc

  • security-tracker.debian.org - CVE-2023-4911

    Quote from: glibc_2.37-12_changelogglibc (2.37-12) unstable; urgency=critical

      [ Samuel Thibault ]
      * debian/testsuite-xfail-debian.mk: Update xfails for hurd-i386.

      [ Aurelien Jarno ]
      * debian/patches/git-updates.diff: update from upstream stable branch:
     - Fix a buffer overflow in the dynamic loader's processing of the
          GLIBC_TUNABLES environment variable (CVE-2023-4911).
      * Set urgency to critical given the security issue.

     -- Aurelien Jarno <aurel32@debian.org>  Tue, 03 Oct 2023 19:14:06 +0200






    Pd.- And of course, NEVER download ramdom crap files, from the internet .... 












➤ Want to know how you can use a program you have never used before? "man" will be your best new friend! Type "man <pkg-name>" in a shell.
➤ Or, point your browser to "manpages.debian.org/<pkg-name>" .... RTFM !!!

AxL

#4
October 08, 2023, 01:19:36 AM

So, ultimately that story you're telling, does NOT affect SparkyLinux at all ...




➤ Want to know how you can use a program you have never used before? "man" will be your best new friend! Type "man <pkg-name>" in a shell.
➤ Or, point your browser to "manpages.debian.org/<pkg-name>" .... RTFM !!!

AxL

#7
October 08, 2023, 02:08:05 PM
Quote from: jidan on October 07, 2023, 07:55:06 PMLooney Tunables exploit can gain root shell in several linux distros including Debian 12 and 13. So, Sparky Linux is vulnerable too.
[....]



Stop making a fool of yourself for once and for all ...




PT





➤ Want to know how you can use a program you have never used before? "man" will be your best new friend! Type "man <pkg-name>" in a shell.
➤ Or, point your browser to "manpages.debian.org/<pkg-name>" .... RTFM !!!

jidan

#8
October 08, 2023, 03:09:09 PM
Quote from: jidan on October 08, 2023, 12:43:51 AMNo need to use unstable repos. Debian announced a bug fix for glibc v 2.36-9+deb12u3.
New installed Sparky Linux is affected.
After the last Debian update this bug is fixed. So, update asap after installation.

ioniqflish8827

#9
October 18, 2023, 07:36:34 AM
This just proves that paying attention to the Critical Vulnerabilities and exploits of both your operating system/Distribution and which ever packages that you install and maybe even avoid following links.

jidan

#10
October 22, 2023, 08:17:37 PM
Pavroo solved the issue by releasing updated isos of the distro, all new installed Sparkies will be fixed.
Thanx again Pavroo ;)
Print
Go Up Pages1
User actions

View the most recent posts on the forum