News reader

Zenbleed: an AMD Zen 2 speculative vulnerability

2 years ago
Tavis Ormandy reports on a vulnerability that he has found in "all Zen 2 class processors" from AMD. (Wayback Machine link as the original site is overloaded.) It can allow local attackers to recover data used in string operations; "If you remove the first word from the string 'hello world', what should the result be? This is the story of how we discovered that the answer could be your root password!" The report has lots of details, including an exploit; AMD has released a microcode update to address the problem.

We now know that basic operations like strlen, memcpy and strcmp will use the vector registers - so we can effectively spy on those operations happening anywhere on the system! It doesn't matter if they're happening in other virtual machines, sandboxes, containers, processes, whatever!

This works because the register file is shared by everything on the same physical core. In fact, two hyperthreads even share the same physical register file.

jake

[$] Randomness for kmalloc()

2 years 1 month ago
The kernel's address-space layout randomization is intended to make life harder for attackers by changing the placement of kernel text and data at each boot. With this randomization, an attacker cannot know ahead of time where a vulnerable target will be found on any given system. There are techniques, though, that can be effective without knowing precisely where a given object is stored. As a way of hardening systems against such attacks, the kernel will be gaining yet another form of randomization.
corbet

Debian adds RISC-V as an official architecture

2 years 1 month ago
The Debian project is now supporting 64-bit RISC-V systems as an official architecture. Some work remains to be done, though:

However before you rush to update your sources.list file, I want to warn you that the archive is currently almost empty, and that only the sid and experimental suites are available. The procedure is to rebootstrap the port within the official archive, which means we won't import the full debian-ports archive.

corbet

Inkscape 1.3 released

2 years 1 month ago
Version 1.3 of the Inkscape drawing editor has been released. "With version 1.3 of Inkscape, you’ll find improved performance, several new features, and a solid set of improvements to a few existing ones". Changes include a new shape-builder tool, a "document resources" dialog for the management of drawings, a new pattern editor, and more.
corbet

Security updates for Monday

2 years 1 month ago
Security updates have been issued by Debian (webkit2gtk), Fedora (curl, dotnet6.0, dotnet7.0, ghostscript, kernel-headers, kernel-tools, libopenmpt, openssh, and samba), Mageia (virtualbox), Red Hat (java-1.8.0-openjdk and java-11-openjdk), and Scientific Linux (java-1.8.0-openjdk and java-11-openjdk).
jake

Big Head ransomware installs disguised as a Windows update

2 years 1 month ago

Security researchers have dissected the recently emerged Big Head ransomware strain, which can spread through malicious advertisements that promote fake Windows updates and Microsoft Word installers.

The post Big Head ransomware installs disguised as a Windows update first appeared on Nemzeti Kibervédelmi Intézet.

NKI

Linux Plumbers Conference: All microconferences are now accepting topics!

2 years 1 month ago

Here is the list of microconferences at the 2023 Linux Plumbers Conference:

Some of the above already have a blog describing them in detail, and blogs for the rest will be coming shortly. If you plan on submitting a topic to one of these microconferences, please read the blog on what an ideal microconference topic submission is. After that, submit your topic and make sure that you select the appropriate track that you are submitting for (they are all listed under LPC Microconference and end with MC).

[$] Exceptions in BPF

2 years 1 month ago
The BPF virtual machine in the kernel has been steadily gaining new features for years, many of which add capabilities that C programmers do not ordinarily have. So, from one point of view, it was only a matter of time before BPF gained support for exceptions. As it turns out, though, this "exceptions" feature is aimed at a specific use case, and its use in most programs will be truly exceptional.
corbet

Security updates for Friday

2 years 1 month ago
Security updates have been issued by Fedora (golang, nodejs16, nodejs18, and R-jsonlite), Red Hat (java-1.8.0-openjdk and java-17-openjdk), SUSE (container-suseconnect, redis, and redis7), and Ubuntu (wkhtmltopdf).
jake

Linux Plumbers Conference: Compute Express Link (CXL) MC CFP

2 years 1 month ago

We are pleased to announce that we will have a CXL MC this year at Plumbers, and hereby invite the community in our call for participation.

Compute Express Link is a cache coherent fabric that in recent years has been gaining momentum in the industry. CXL 3.0 launched just before Plumbers 2022 (where very early discussions took place), bringing new challenges such as dynamic capacity devices and large scale fabrics, two features that bring significant challenges to Linux. There also has been controversy and confusion in the Linux kernel community about the state and future of CXL, regarding its usage and integration into, for example, the core memory management subsystem. Many concerns have been put to rest through proper clarification and setting of expectations.

The Compute Express Link microconference focuses on how to evolve the Linux CXL kernel driver and userspace components for support of the CXL 2.0 spec (and beyond). The microconference provides a space to open the discussion, incorporate more perspectives, and grow the CXL community with a goal that the CXL Linux plumbing serves the needs of the CXL ecosystem while balancing the needs of the Linux project. Specifically, this microconference welcomes submissions detailing industry and academia use cases in order to develop usage model scenarios. Finally, it will be a good opportunity to have existing upstream CXL developers available in a forum to discuss current CXL support and to communicate areas that need additional involvement.

Suggested topics:

  • Ecosystem & Architectural review
  • Dynamic Capacity Devices
  • Fabric Management
  • QEMU support
  • Security (ie: IDE/SPDM)
  • Managing vendor specificity
  • Type 2 accelerator support (bias flip management)
  • Coherence management of type2/3 memory (back-invalidation)
  • Peer2Peer (ie: Unordered IO)
  • Reliability, availability and serviceability (ie: Advanced Error Reporting, Isolation, Maintenance).
  • Hotplug (QoS throttling, policies, daxctl)
  • Hot remove
  • Documentation
  • Memory tiering topics that can relate to cxl (out of scope of MM/performance MCs)
  • Industry and academia use cases

Proposals can be submitted here, by September 1st:

https://lpc.events/event/17/abstracts/

For more information, feel free to contact the Compute Express Link MC Leads:
Davidlohr Bueso <dave@stgolabs.net>
Jonathan Cameron <Jonathan.Cameron@Huawei.com>
Adam Manzanares <a.manzanares@samsung.com>
Dan Williams <dan.j.williams@intel.com>

[$] Much ado about SBAT

2 years 1 month ago
Sometimes, the shortest patches lead to the longest threads; for a case in point, see this three-line change posted by Emanuele Giuseppe Esposito. The purpose of this change is to improve the security of locked-down systems by adding a "revocation number" to the kernel image. But, as the discussion revealed, both the cost and the value of this feature are seen differently across the kernel-development community.
corbet

Security updates for Thursday

2 years 1 month ago
Security updates have been issued by Debian (chromium), Fedora (sysstat), Gentoo (openssh), Mageia (firefox/nss, kernel, kernel-linus, maven, mingw-nsis, mutt/neomutt, php, qt4/qtsvg5, and texlive), Red Hat (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and kpatch-patch), Slackware (curl and openssh), SUSE (curl, grafana, kernel, mariadb, MozillaFirefox, MozillaFirefox-branding-SLE, poppler, python-Flask, python310, samba, SUSE Manager Client Tools, and texlive), and Ubuntu (curl, ecdsautils, and samba).
jake

Game of Trees 0.91 released

2 years 1 month ago

Version 0.91 of Game of Trees has been released (and the port updated):

* got 0.91; 2023-07-19
  see git repository history for per-change authorship information
- use _POSIX_HOST_NAME_MAX from <limits.h> for portability
- add merge -M option which tells 'got merge' not to fast-forward a reference
- make gitwrapper ignore "permission denied" errors for repository paths
- add cvg(1), a CVS-like Git client; still WIP and not installed by default yet
- add initial implementation of 'gotadmin dump' which creates Git bundle files
- add initial implementation of 'gotadmin load' which loads Git bundle files
- gotadmin cleanup: consider object reachability while cleaning packfiles
- gotadmin cleanup: don't delete pack files that are too young
- prevent useless EEXIST errors filling up the global custom error array
- abort histedit if the user quits the editor without saving the script
- fix double-free in tog blame view error path
- add support for keywords as <commit> arguments to got and tog

Also of note is that the Game of Trees web site now includes a Comparison to other version control systems.

[$] Rust for embedded

2 years 1 month ago
The advantages of the Rust programming language are generally well-known; memory safety is a feature that has attracted a lot of developer attention over the last few years. At the inaugural Embedded Open Source Summit (EOSS), which is an umbrella event for numerous embedded-related conferences, Martin Mosler presented on using Rust for an embedded project. In the talk, he showed how easy it is to get up and running with a Rust-based application on a RISC-V-based development board.
jake