Linux Root Bug Security Flaw
-
This is way, WAY, above my geek-grade, but...
https://hackaday.com/2022/01/26/major-bug-grants-root-for-all-major-linux-distributions/
This doesn’t mean that Linux is perfectly secure though, as researchers recently found a major bug found in most major Linux distributions that allows anyone to run code as the root user.
The exploit is a memory corruption vulnerability in Polkit, a framework that handles the privilege level of various system processes. It specifically impacts the program pkexec. With the proof-of-concept exploit (file download warning) in hand, all an attacker needs to do to escalate themselves to root is to compile the program on the computer and run it as the default user. An example is shown by [Jim MacDonald] on Twitter for those not willing to try this on their own machines.
As bad as this sounds, it seems as though all of the major distributions that this impacts have already released updates that patch the issue, including Debian, Ubuntu, Red Hat, Fedora, open SUSE, and Arch. There is also a temporary workaround that removes read/write permission from the pkexec program so it can’t run at all. That being said, it might be best to check that your Linux systems are all up-to-date and that no strangers have been typing random commands into the terminal recently.
So, from reading this, I get the feeling it'll be patch after patch. Just like Windows and MacOS.
-
Sounds worse than it is. You need a local user account to use this exploit. Most servers don’t even have ssh login, and no local users like 25 years ago.
Security flaws in Linux show up every once in a while, but Linux will always be inherently more secure than Windows. The reasons for that are well-documented elsewhere.
-
By the way, TNCR also runs on a Linux server (Ubuntu). I'm not at all worried about its safety concerning this exploit.
