Security Leftovers
Date: 2023-10-10
7 things even new Linux users can do to better secure the OS | ZDNET
It is no secret that Linux is a far more secure option than Windows. From the ground up, Linux was designed to be highly secure. Since I started using Linux (back in '97), I've only had one cybersecurity threat arise, which was a rootkit on a server I inherited. Sadly, that server was so badly compromised that I had to re-install the OS and start from scratch.
That was the only instance, in decades, of having to suffer the consequence of a security breach. Otherwise, it's been smooth sailing.
Security updates for Monday
Security updates have been issued by Debian (freerdp2, gnome-boxes, grub2, inetutils, lemonldap-ng, prometheus-alertmanager, python-urllib3, thunderbird, and vinagre), Fedora (freeimage, fwupd, libspf2, mingw-freeimage, thunderbird, and vim), Gentoo (c-ares, dav1d, Heimdal, man-db, and Oracle VirtualBox), Oracle (bind, bind9.16, firefox, ghostscript, glibc, ImageMagick, and thunderbird), Slackware (netatalk), SUSE (ImageMagick, nghttp2, poppler, python, python-gevent, and yq), and Ubuntu (bind9 and vim).
Red Hat, Ubuntu, Debian, and Gentoo Release Patches for 'Looney Tunables' Linux Vulnerability
Patch now: This serious Linux vulnerability affects nearly all distributions
As security holes go, CVE-2023-4911, aka "Looney Tunables," isn't horrid. It has a Common Vulnerability Scoring System (CVSS) score of 7.8, which is ranked as important, not critical.
On the other hand, this GNU C Library's (glibc) dynamic loader vulnerability is a buffer overflow, which is always big trouble, and it's in pretty much all Linux distributions, so it's more than bad enough.
'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits
Proof-of-concept (PoC) exploits for the security flaw CVE-2023-4911, dubbed Looney Tunables, have already been developed, following last week's disclosure of the critical buffer overflow vulnerability found in the widely used GNU C Library (glibc) present in various Linux distributions.
Independent security researcher Peter Geissler; Will Dormann, a software vulnerability analyst with the Carnegie Mellon Software Engineering Institute; and a Dutch cybersecurity student at Eindhoven University of Technology were among those posting PoC exploits on GitHub and elsewhere, indicating widespread attacks in the wild could soon follow.
GNOME Linux systems exposed to RCE attacks via file downloads
A memory corruption vulnerability in the open-source libcue library can let attackers execute arbitrary code on Linux systems running the GNOME desktop environment.
libcue, a library designed for parsing cue sheet files, is integrated into the Tracker Miners file metadata indexer, which is included by default in the latest GNOME versions.
Cue sheets (or CUE files) are plain text files containing the layout of audio tracks on a CD, such as length, name of song, and musician, and are also typically paired with the FLAC audio file format.