Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > aus.computers > #71410
| Message-ID | <670459a7@news.ausics.net> (permalink) |
|---|---|
| From | not@telling.you.invalid (Computer Nerd Kev) |
| Subject | Re: For those who believe Linux malwareproof |
| Newsgroups | aus.computers |
| References | <lmhqu7F66naU1@mid.individual.net> |
| Date | 2024-10-08 07:59 +1000 |
| Organization | Ausics - https://newsgroups.ausics.net |
Keithr0 <nothing.to.see@here.com.au> wrote: > https://arstechnica.com/security/2024/10/persistent-stealthy-linux-malware-has-infected-thousands-since-2021/ There seems to be confusion about which vulnerability allowed the malware to gain root access. That article says it was in "GPAC", but other pages say it was a more likely "PwnKit" vulnerability in Polkit. CVE-2021-4043 in GPAC is described as just allowing DoS attacks: https://www.scyscan.com/cve-2021-4043/ CVE-2021-4034 in Polkit allows root access: https://www.helpnetsecurity.com/2022/01/26/cve-2021-4034/ In some ways the recent XZ backdoor was worse since it affected all Linux Systemd-based systems with SSH log-in. Much wider scope than just servers running Apache RocketMQ, but it was detected much sooner too. -- __ __ #_ < |\| |< _#
Back to aus.computers | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
For those who believe Linux malwareproof Keithr0 <nothing.to.see@here.com.au> - 2024-10-07 20:19 +1000
Re: For those who believe Linux malwareproof not@telling.you.invalid (Computer Nerd Kev) - 2024-10-08 07:59 +1000
Re: For those who believe Linux malwareproof Mighty Mouse <"squeak!"@thecheesefactory.com> - 2024-10-08 10:05 +1100
Re: For those who believe Linux malwareproof Computer Nerd Kev <not@telling.you.invalid> - 2024-10-08 11:25 +1000
Re: For those who believe Linux malwareproof Mighty Mouse <"squeak!"@thecheesefactory.com> - 2024-10-10 12:04 +1100
Re: For those who believe Linux malwareproof Petzl <petzlx@gmail.com> - 2024-10-10 20:07 +1100
Re: For those who believe Linux malwareproof "Gary R. Schmidt" <grschmidt@acm.org> - 2024-10-10 23:12 +1100
Re: For those who believe Linux malwareproof not@telling.you.invalid (Computer Nerd Kev) - 2024-10-11 08:11 +1000
csiph-web