TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

0% Positive

Analyzed from 244 words in the discussion.

Trending Topics

#user#multiuser#linux#single#malware#install#bin#false#security#systems

Discussion (11 Comments)Read Original on HackerNews

bestouff•about 2 hours ago
Lots of privilege escalations these days. But are there that many multiuser Linux systems nowadays ? I'm under the impression the whole landscape is either servers or single-user desktops (and ofc Android phones).
dathinab•about 1 hour ago
> many multiuser Linux systems nowadays

not relevant IMHO

we don't live anymore in a time where you can trust that local apps do not misbehave, and in such a context LPE is pretty bad even in a single user system

just thing about all the supply chain problems of recent times

zahlman•about 2 hours ago
I impersonate multiple users on my machine for organizational reasons.

LPEs also potentially make user-level malware into system-level malware, which is only marginally more impactful for a single person on a desktop, but considerably harder to clean up. (It also broadens the range of what such malware could exfiltrate from me.)

riedel•42 minutes ago
Many university HPC clusters are run multiuser. At least login nodes.
INTPenis•about 2 hours ago
The idea is that you can exploit a service hosted on Linux to run these.
nubinetwork•about 2 hours ago
At what point do we all start rolling our own microkernels? This is kind of getting silly now... 4 now in the past month?
craftkiller•about 2 hours ago
I hate that the Qubes OS people were right.
itintheory•about 2 hours ago
Sounds like this one is in the same kernel modules as dirtyfrag, so the existing mitigations (if in place) are sufficient.
chasil•about 2 hours ago
RedHat's mitigation is this:

  $ cat /etc/modprobe.d/dirtyfrag.conf
  install esp4 /bin/false
  install esp6 /bin/false
  install rxrpc /bin/false
Are those correct for this exploit?

https://access.redhat.com/security/vulnerabilities/RHSB-2026...

itintheory•about 1 hour ago
Yep, that's the advice from AWS for the previous set of vulnerabilities:

https://aws.amazon.com/security/security-bulletins/2026-027-...

That one also includes disabling user namespaces. Could be problematic if they're in use.

LawnGnome•about 2 hours ago
I don't know, but the problem with blocking esp4 and esp6 is that IPsec stops working, as I understand it.