Just got an email from Vultr, my VPS provider; they are patching my server due to this vulnerability.
Here is some info on it.
I think that everyone who uses Linux is aware of that issue.
But doesn’t hurt to post it I guess.
Right, I guess I’m late to the party. First I’ve heard of it.
given the date, i doubt that.
i would guess many are not full time linux users and depend on the OS teams to fix such security issues. i did not see any fix or conclusion in that article.
also first i have heard of it (but then i probably use Windows 90% of my time)
I read the Vultr doc and it looks like running a package upgrade fixes the issue.
Well, keep your updating fingers warmed up because hot on the heels of Copy Fail comes Dirty Frag. Which was announced before patches were available (and I think still not available).
There apparently is a mitigation, though I’ll wait to see some kind of confirmation from a kernel dev or someone from the major distros confirming it before believing any systems are safe with this mitigation.
Oh, it (the mitigation) has been confirmed by Ubuntu: Dirty Frag Linux kernel local privilege escalation vulnerability mitigations | Ubuntu
Also, I think everyone should be on their toes regarding security and updates for the next little while. LLMs have gotten really good at finding vulnerabilities…so, there are a gazillion black hats out there right now amassing a collection of exploits. They’ll be motivated to use them quickly, because developers can also use the same tools to find holes in their own systems so they can be patched (we’re using them to check Webmin/Virtualmin, too).
The cold war between attackers and developers has turned hot, and we’re going to see a lot of hacked systems in the next few months/years until a new equilibrium is achieved. It sucks, as developers have millions of lines of code to look at and fix, while attackers just have to find one unfixed vulnerability and exploit it before it’s found by responsible white hats or the devs themselves.
serious ofc, but keep in mind that they require a local user already logged in a shell.
I think if you do ssh logins with ssh keys only or passwords in LAN/VPN only it is not that straightforward to actually be used for an attack on you.
For virtualmin also use 2FA.
IMO xz Utils / liblzma library was more dangerous practically.
True too … at least in the regard of “everyone”. Personally I did at least expect that server admins are aware of it.
I am mainly using Windows too (shame on me, I know), sometimes macOS. I “only” use Linux for servers, so I wouldn’t say I am a full time user. Plus I “never” really look specifically for news about Linux stuff.
But … the news about the latest security issues were published on such a wide base and posted practically everywhere that users should have heard about it at least.
Not that it really matters. It’s just my point of view I guess.
Anyways, doesn’t hurt to publish it further since it only helps to improve security overall.
Sorry for the double post, just checked and patches were released for Debian (“normal user” versions) at least. Meaning for both copy fail (which was fixed a few days before that) and dirty frag (which was mentioned by @Joe ).
I assume the other Distros are going to follow soon too, if they haven’t so far already.