LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 08-02-2012, 10:21 AM   #16
sycamorex
LQ Veteran
 
Registered: Nov 2005
Location: London
Distribution: Slackware64-current
Posts: 5,569
Blog Entries: 1

Rep: Reputation: 1026Reputation: 1026Reputation: 1026Reputation: 1026Reputation: 1026Reputation: 1026Reputation: 1026Reputation: 1026

Quote:
Originally Posted by brianL View Post
Mmmm.
Should we:
PANIC!!!
or:
DON'T PANIC!!!
Flip a coin and be happy with your choice
 
Old 08-02-2012, 10:23 AM   #17
273
Senior Member
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 3,411

Rep: Reputation: 794Reputation: 794Reputation: 794Reputation: 794Reputation: 794Reputation: 794Reputation: 794
I'm assuming that there's a known privilege escalation exploit on my machine, as well as the unknown or less documented ones. I suppose being more careful about third party software until it's fixed might be in order. WebGL sites ought to be avoided like the plague too and NoScript left on a bit more.
 
Old 08-02-2012, 10:24 AM   #18
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,040
Blog Entries: 52

Rep: Reputation: Disabled
I'm used to being exploited. Usually by women, who only want me for my body. A mere sex-object...sigh...
 
1 members found this post helpful.
Old 08-02-2012, 10:30 AM   #19
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,040
Blog Entries: 52

Rep: Reputation: Disabled
On topic:
http://archive.org/details/TheBlobTrailer
 
1 members found this post helpful.
Old 08-02-2012, 11:05 AM   #20
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
Quote:
Originally Posted by 273 View Post
Hmm, after reading that link I think we're not safe. If the code's running in kernel space, but crashing, that means kernel space can be accessed through the exploit from userspace. Or am I misreading the comments on the linked page?
Yes, I think you are right.

Quote:
Originally Posted by PaXTeam
Posted Aug 2, 2012 10:42 UTC (Thu) by PaXTeam (subscriber, #24616) [Link]
note the faulting insn: RIP: 0010:[<00000000004016a7>]

it's code in the *kernel's* code segment with a *userland* address (PaX/KERNEXEC and CR4.SMEP stop exactly this kind of exploit method, but this looks like a powerful bug, it could be exploited other ways). that is, the kernel is executing userland provided code, that's already proof for privilege escalation and the oops is due to the exploit's kernel payload not being bullet proof (something that's not hard to fix up, if that's your game).
Either way, the bigger problem is not the exploit itself, but rather the time it takes Nvidia to fix it. If it were an exploit in FLOSS like the mainline kernel it would be fixed as soon as it is found. As you can see from the other links in the OP article, Nvidia may never fix it at all.

Last edited by H_TeXMeX_H; 08-02-2012 at 11:07 AM.
 
Old 08-02-2012, 11:30 AM   #21
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,040
Blog Entries: 52

Rep: Reputation: Disabled
So we're OK as far as that particular exploit is concerned, but vulnerable to other exploits?
 
Old 08-02-2012, 12:55 PM   #22
GazL
Senior Member
 
Registered: May 2008
Posts: 3,438

Rep: Reputation: 950Reputation: 950Reputation: 950Reputation: 950Reputation: 950Reputation: 950Reputation: 950Reputation: 950
Quote:
Originally Posted by brianL View Post
So we're OK as far as that particular exploit is concerned, but vulnerable to other exploits?
Better to think of it as the exploit being buggy, but they could fix it quite easily if only they could be bothered.
 
1 members found this post helpful.
Old 08-02-2012, 01:02 PM   #23
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,040
Blog Entries: 52

Rep: Reputation: Disabled
Thanks, GazL.
 
Old 08-02-2012, 01:06 PM   #24
volkerdi
Slackware Maintainer
 
Registered: Dec 2002
Location: Minnesota
Distribution: Slackware! :-)
Posts: 874

Rep: Reputation: 1812Reputation: 1812Reputation: 1812Reputation: 1812Reputation: 1812Reputation: 1812Reputation: 1812Reputation: 1812Reputation: 1812Reputation: 1812Reputation: 1812
Even without the exploit, Tavis Ormandy pointed out on oss-security that an unprivileged user could use nvidiactl to disable the fans, engage maximum overclocking, and then submit a heavy workload to the GPU. In a worst case scenario, something like that could actually cause the machine to start on fire. At the least, it would be likely to fry the video card.
 
5 members found this post helpful.
Old 08-02-2012, 01:07 PM   #25
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,040
Blog Entries: 52

Rep: Reputation: Disabled
I'd better keep a fire extinguisher handy.
 
Old 08-02-2012, 02:37 PM   #26
John VV
Guru
 
Registered: Aug 2005
Posts: 13,051

Rep: Reputation: 1741Reputation: 1741Reputation: 1741Reputation: 1741Reputation: 1741Reputation: 1741Reputation: 1741Reputation: 1741Reputation: 1741Reputation: 1741Reputation: 1741
exploits !!!
everybody has them
Quote:
I am never going back to the blob, because it is not stable, not secure, not FLOSS, and not much better than nouveau for what I use.
it is stable it is Xorg that is the issue
the "new and improved " updated for the sake of updating ,for nothing new added
 
Old 08-02-2012, 09:30 PM   #27
fogpipe
Member
 
Registered: Mar 2011
Distribution: Slackware 64 Current
Posts: 330

Rep: Reputation: 80
I like the nvidia drivers. In my experience they are stable and fast and easy enough to install. I actually dont even care that there may be a workable local exploit involving them. A remote exploit i might worry about, but if someone i dont trust is in my apartment near my computer, computer security is probably the least of my problems at that point.
The nouveau drivers otoh just never worked for me, every linux distro i installed lately, the first thing is blacklisting the nouveau drivers.
As someone who is more interested in what works rather than politics, i wish someone cared enough to test stuff like nouveau more before it was released. The old NV module was usable, that has not been my experience with nouveau.
 
Old 08-02-2012, 09:42 PM   #28
T3slider
Senior Member
 
Registered: Jul 2007
Distribution: Slackware64-14.1
Posts: 2,264

Rep: Reputation: 649Reputation: 649Reputation: 649Reputation: 649Reputation: 649Reputation: 649
Quote:
Originally Posted by fogpipe View Post
I like the nvidia drivers. In my experience they are stable and fast and easy enough to install. I actually dont even care that there may be a workable local exploit involving them. A remote exploit i might worry about, but if someone i dont trust is in my apartment near my computer, computer security is probably the least of my problems at that point.
If someone can gain unprivileged user access to your box remotely then they can still use the nVidia exploit to gain root access. It just means that two stages of vulnerabilities need to be exploited -- one to gain access to the box and the other to elevate privileges.
Quote:
Originally Posted by fogpipe View Post
The nouveau drivers otoh just never worked for me, every linux distro i installed lately, the first thing is blacklisting the nouveau drivers.
As someone who is more interested in what works rather than politics, i wish someone cared enough to test stuff like nouveau more before it was released. The old NV module was usable, that has not been my experience with nouveau.
While this certainly doesn't make the nouveau drivers any better, it should be stated that nv received some official support from nVidia, while nouveau does not. It isn't really the fault of the Linux devs that nVidia will not release technical specifications. The pragmatic approach would still tell you (and me) to use the blob, but it's not really fair to criticize the nouveau drivers -- they are a spectacular effort for reverse-engineered drivers. That still doesn't make them good, of course.
 
Old 08-02-2012, 09:48 PM   #29
k3lt01
Senior Member
 
Registered: Feb 2011
Location: Australia
Distribution: Debian Wheezy, Jessie, Sid/Experimental, playing with LFS.
Posts: 2,754

Rep: Reputation: 570Reputation: 570Reputation: 570Reputation: 570Reputation: 570Reputation: 570
Thanks for the information.
Quote:
Originally Posted by H_TeXMeX_H View Post
I am posting this in the Slackware forum because perhaps people here care more about security and stability than in other forums.
I believe this should be in the Linux General forum and I will report it as such. Linux is a community, we all care about the community and its security.
 
Old 08-02-2012, 10:21 PM   #30
ReaperX7
Senior Member
 
Registered: Jul 2011
Distribution: LFS-SVN, FreeBSD 10.0
Posts: 3,411
Blog Entries: 15

Rep: Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953
Quote:
Originally Posted by T3slider View Post
If someone can gain unprivileged user access to your box remotely then they can still use the nVidia exploit to gain root access. It just means that two stages of vulnerabilities need to be exploited -- one to gain access to the box and the other to elevate privileges.

While this certainly doesn't make the nouveau drivers any better, it should be stated that nv received some official support from nVidia, while nouveau does not. It isn't really the fault of the Linux devs that nVidia will not release technical specifications. The pragmatic approach would still tell you (and me) to use the blob, but it's not really fair to criticize the nouveau drivers -- they are a spectacular effort for reverse-engineered drivers. That still doesn't make them good, of course.
Nouveau may not be better in many ways, but in others they really have made huge leaps in how drivers can be made through reverse engineering. The one thing is with Nouveau you have a safe driver, whereas with the blob, you have a problem that can be easily exposed, and exploited by someone.

Honestly, I don't mind using Nvidia's blob, but it's just so invasive of the system.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: NVIDIA Loses Huge GPU Order Due To Linux Blob LXer Syndicated Linux News 1 06-23-2012 02:59 PM
LXer: Nouveau Driver Power Management Against The NVIDIA Blob LXer Syndicated Linux News 0 07-06-2011 01:50 PM
[SOLVED] Inserting text blob into a C program Hidden Windshield Programming 12 08-28-2010 08:05 PM
how can I access blob in mysql by C ? twwwater Programming 2 09-17-2009 08:17 PM
LXer: Stop the blob LXer Syndicated Linux News 3 06-26-2008 05:50 AM


All times are GMT -5. The time now is 05:35 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration