Linux

48328 readers

659 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

New Linux glibc flaw lets attackers get root on major distros (www.bleepingcomputer.com)

submitted 9 months ago by yogthos@lemmy.ml to c/linux@lemmy.ml

11 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] sun_is_ra@sh.itjust.works 7 points 9 months ago (1 children)

they didnt explain how the exploit work or howto know if your system is vulnerable

[–] mozz@mbin.grits.dev 8 points 9 months ago* (last edited 9 months ago) (1 children)

Easiest answer:

sudo apt udpate
sudo apt upgrade

If it upgrades some stuff, you were vulnerable, but you no longer are. If nothing upgrades, then you were already all good.

If you're doing that regularly, then your core system will generally be patched fixing almost all exploits in your core system, including this one. If not, you're vulnerable to this exploit and likely a whole bunch more stuff.

Edit: That's the simplest answer but if you're curious you can do a double-check for this particular vulnerability with apt changelog libc6 - generally speaking you won't see recent changes, but if a package has been recently updated you'll see a recent fix. So e.g. for this, I see the top change in the changelog is the fix from a couple weeks back:

glibc (2.36-9+deb12u4) bookworm-security; urgency=medium

  * debian/patches/any/local-CVE-2023-6246.patch: Fix a heap buffer overflow
    in __vsyslog_internal (CVE-2023-6246).
  * debian/patches/any/local-CVE-2023-6779.patch: Fix an off-by-one heap
    buffer overflow in __vsyslog_internal (CVE-2023-6779).
  * debian/patches/any/local-CVE-2023-6780.patch: Fix an integer overflow in
    __vsyslog_internal (CVE-2023-6780).
  * debian/patches/any/local-qsort-memory-corruption.patch: Fix a memory
    corruption in qsort() when using nontransitive comparison functions.

 -- Aurelien Jarno <aurel32@debian.org>  Tue, 23 Jan 2024 21:57:06 +0100

[–] sun_is_ra@sh.itjust.works 1 points 9 months ago (1 children)

If you are running apt then you are running debian or ubuntu which the article clearly states they are vulnerable. but anyway I was asking how do I figure it out by myself

[–] mozz@mbin.grits.dev 2 points 9 months ago* (last edited 9 months ago) (1 children)

All Linux systems will be very likely vulnerable to this if they're not they're patched with the fix. Patched systems will not be vulnerable. That's true for Debian and Ubuntu, as it is for any Linux system. The commands I gave are determining whether or not you're patched, on a Debian or Ubuntu system.

What distro are you running? I can give you commands like that for any Linux system to determine whether or not you're patched.

[–] sun_is_ra@sh.itjust.works 3 points 9 months ago (1 children)

am running Gentoo with systemd. does a bug in syslog affect me?

[–] mozz@mbin.grits.dev 3 points 9 months ago* (last edited 9 months ago) (1 children)

I don't see why it wouldn't. I think for gentoo, you want to check if you need any security updates with:

emerge --sync
emerge gentoolkit
glsa-check -l affected

(Edit: Also, as a general rule -- don't type stuff as root just because I or some other random person on the internet tells you to; check the man page or docs to make sure it's going to do something that you want it to do first.)

[–] sun_is_ra@sh.itjust.works 2 points 9 months ago

Thank you!