Welcome to SparkyLinux forums

[SOLVED] The "Looney Tunables" exploit affects Sparky Linux

Started by jidan, October 07, 2023, 07:55:06 PM


jidan

Looney Tunables exploit can gain root shell in several linux distros including Debian 12 and 13. So, Sparky Linux is vulnerable too.
Download the python script:
https://haxx.in/files/gnu-acme.py
and run it:
python3 gnu-acme.py
In a Sparky Linux 7.1 installation:

jidan

The vulnerability is fixed in glibc 2.37+
In Debian stable (12) the latest version is 2.31-13+deb11u7 which is vulnerable:
https://packages.debian.org/source/bullseye/glibc
In testing and sid it's 2.37-12, it must be fixed:
https://packages.debian.org/source/trixie/glibc

So MAYBE it can be fixed by updating the package from the sid repos.

jidan

No need to use unstable repos. Debian announced a bug fix for glibc v 2.36-9+deb12u3.

AxL

Learn to read a little and stop spouting FUD and bullshit:

  • security-tracker.debian.org - Information on source package glibc

  • security-tracker.debian.org - CVE-2023-4911

    Quote from: glibc_2.37-12_changelog
    glibc (2.37-12) unstable; urgency=critical

      [ Samuel Thibault ]
      * debian/testsuite-xfail-debian.mk: Update xfails for hurd-i386.

      [ Aurelien Jarno ]
      * debian/patches/git-updates.diff: update from upstream stable branch:
        - Fix a buffer overflow in the dynamic loader's processing of the
          GLIBC_TUNABLES environment variable (CVE-2023-4911).
      * Set urgency to critical given the security issue.

     -- Aurelien Jarno <aurel32@debian.org>  Tue, 03 Oct 2023 19:14:06 +0200

    P.S. And of course, NEVER download random crap files from the internet ....

➤ Want to know how you can use a program you have never used before? "man" will be your best new friend! Type "man <pkg-name>" in a shell.
➤ Or, point your browser to "manpages.debian.org/<pkg-name>" .... RTFM !!!

AxL


So, ultimately that story you're telling, does NOT affect SparkyLinux at all ...




AxL

Quote from: jidan on October 07, 2023, 07:55:06 PM
Looney Tunables exploit can gain root shell in several linux distros including Debian 12 and 13. So, Sparky Linux is vulnerable too.
[....]



Stop making a fool of yourself for once and for all ...




PT






jidan

Quote from: jidan on October 08, 2023, 12:43:51 AM
No need to use unstable repos. Debian announced a bug fix for glibc v 2.36-9+deb12u3.

Newly installed Sparky Linux is affected.
After the last Debian update this bug is fixed. So, update asap after installation.

ioniqflish8827

This just proves that paying attention to the Critical Vulnerabilities and exploits of both your operating system/Distribution and whichever packages that you install and maybe even avoid following links.

jidan

Pavroo solved the issue by releasing updated ISOs of the distro, all newly installed Sparkies will be fixed.
Thanx again Pavroo ;)
