SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Those of you fellow Slackers running on newer Intel CPUs (manufactured since 2015, apparently) thinking that by applying all the latest microcodes and kernel patches, your systems are safe now, think again ....
The latest microcode patches Intel provided are not fully mitigating the already discovered CPU flaws.
Those of you fellow Slackers running on newer Intel CPUs (manufactured since 2015, apparently) thinking that by applying all the latest microcodes and kernel patches, your systems are safe now, think again ....
I don't believe anyone is under that delusion any more. Speculative execution is the gift that keeps on giving, and is likely to continue to do so for a good number of years yet.
And when you think of it, Linus called the first Intel patches "COMPLETE AND UTTER GARBAGE". https://lkml.org/lkml/2018/1/21/192
Poor guy was punished and had to abide to this: https://git.kernel.org/pub/scm/linux...4093c54469c11f
But he deserved it, he was "utterly" wrong in the first place, forgot to add the word PERPETUAL in front of his original expression
I'm only running on Intels and never considered AMD in the last 15 years or more. Will start to look more closely at their mobile CPUs from now on, since I'm loosing confidence in Intel's commitment in properly resolving their issues.
My last experience with AMD on laptops was: really bad thermal issues, overheating, CPUs literally burning out (including MB), they wouldn't last more than 1-2 years of normal usage. I hope that changed now.
https://lviattack.eu/
"LVI is a new class of transient-execution attacks exploiting microarchitectural flaws in modern processors to inject attacker data into a victim program and steal sensitive data and keys from Intel SGX, a secure vault in Intel processors for your personal data."
It appears that Chrome (Chromium) has some vulnerabilities. In that last couple of days (March 31st) it has been recommended to upgrade to 80.0.3987.162 due to several important security issues.
I pulled down Alien Bob's Chromium a couple of weeks ago and it was at 80.0.3987.149.
Those that follow Chrome more closely can add detail about these vulnerabilities. I only use Alien Bob's Chromium for websites that demand its features. (Thanks Eric!)
Although not a Slackware specific issue I'm posting this to inform members of this forum.
P.S. Actually, according to Intel, many more CPU families are affected by the vulnerability. I was only reading the vusec article when I composed the post.
Full list here: https://software.intel.com/security-...duct-cpu-model
Last edited by abga; 06-10-2020 at 05:57 PM.
Reason: P.S.
A new security hole in some of the Intel Core i7, Core i9 and Xeon CPUs, called SRBDS, CVE-2020-0543.
Mitigated apparently only through microcode updates.
Code:
./spectre-meltdown-checker.sh -v
Quote:
CVE-2020-0543 aka 'Special Register Buffer Data Sampling (SRBDS)'
* SRBDS mitigation control is supported by the kernel: NO
* SRBDS mitigation control is enabled and active: NO (SRBDS not found in sysfs hierarchy)
> STATUS: NOT VULNERABLE (Your microcode is up to date for SRBDS mitigation control. The kernel needs to be updated)
And after updating the kernel:
Quote:
CVE-2020-0543 aka 'Special Register Buffer Data Sampling (SRBDS)'
* Mitigated according to the /sys interface: YES (Mitigation: Microcode)
* SRBDS mitigation control is supported by the kernel: YES (found SRBDS implementation evidence in kernel image. Your kernel is up to date for SRBDS mitigation)
* SRBDS mitigation control is enabled and active: YES (Mitigation: Microcode)
> STATUS: NOT VULNERABLE (Your microcode and kernel are both up to date for SRBDS mitigation control. Mitigation is enabled)
Whereas, for the stable Slackware 14.2, the 4.4.217 kernel doesn't appear to contain the SRBDS code yet, but only 4.4.227
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.227
Thanks for the details, didn't know that the kernel also has its own mitigation part.
This is not really a kernel mitigation per se. Kernel 5.4.46 offers the administrator the possibility to disable the microcode SRBDS mitigation if it leads to performance issues.
Quote:
x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation
commit 7e5b3c267d256822407a22fdce6afdf9cd13f9fb upstream
SRBDS is an MDS-like speculative side channel that can leak bits from the
random number generator (RNG) across cores and threads. New microcode
serializes the processor access during the execution of RDRAND and
RDSEED. This ensures that the shared buffer is overwritten before it is
released for reuse.
While it is present on all affected CPU models, the microcode mitigation
is not needed on models that enumerate ARCH_CAPABILITIES[MDS_NO] in the
cases where TSX is not supported or has been disabled with TSX_CTRL.
The mitigation is activated by default on affected processors and it
increases latency for RDRAND and RDSEED instructions. Among other
effects this will reduce throughput from /dev/urandom.
* Enable administrator to configure the mitigation off when desired using
either mitigations=off or srbds=off.
* Export vulnerability status via sysfs
Also SRBDS vulnerability status can be checked with:
Quoting a message from Daniel Kiper on the grub-devel mailing list:
Quote:
We have recently been made aware of a problem with GRUB2 by security research firm Eclypsium that allows a bad actor to circumvent UEFI Secure Boot. Normally, when Secure Boot is enabled, only modules [1] that have a valid signature can be loaded. The bug allows this to be circumvented and allow a module to be loaded that is not signed and therefore breaks the chain of trust that Secure Boot is supposed to guarantee.
This is not a concern for most Slackware users as Slackware doesn't allow booting with Secure Boot enabled out of the box, however it is possible to enable this feature as documented in this article on SlackDocs.
So if you enable Secure Boot read the message from Daniel.
PS I assume that all the 28 patches will be applied in grub-2.06, so just upgrading will address the mentioned CVEs. As an aside work on this issue probably delayed the release of this new version, meanwhile several non-security patches wait to be committed but the first RC can now appear within a few weeks, I think.
EDIT: good guess
Le 29/07/2020 à 19:46, Daniel Kiper a écrit :
> I think this link [1] will explain my long absence... Sorry about that.
>
> I am going to go back to GRUB work next week. I will triage all the patches
> and take all (obvious) fixes. Then I will release rc1 ASAP... All new features
> will be taken after 2.06 release.
>
> Daniel
>
> [1] https://lists.gnu.org/archive/html/g.../msg00034.html
PPS The scope of this vulnerability is a lot wider than only GRUB2 as it can encompass a lot of systems using it or not to boot, including Windows. Read There’s a Hole in the Boot to know why and how.
Last edited by Didier Spaier; 07-29-2020 at 01:18 PM.
Reason: EDIT added.
X.Org's Latest Security Woes Are Bugs In LibX11, Xserver
Written by Michael Larabel in X.Org on 31 July 2020 at 09:54 AM EDT.
The X.Org/X11 Server has been hit by many security vulnerabilities over the past decade as security researchers eye more open-source software. Some of these vulnerabilities date back to even the 80's and 90's given how X11 has built up over time. The X.Org Server security was previously characterized as being even worse than it looks while today the latest vulnerabilities have been made public.
CVE-2020-14344 is now public and covers multiple integer overflows and signed/unsigned comparison issues within the X Input Method implementation in the libX11 library. These issues can lead to heap corruption when handling malformed messages from an input method.
Several patches are now in libX11 Git for addressing these overflows and bad sign comparisons. LibX11 1.6.10 will be released shortly with these fixes.
More details on today's disclosure via the xorg-devel list.
Update: Further security issues are also being made public today... CVE-2020-14347 is public too as a bug in the pixmap data code leading to uninitialized heap memory being leaked to clients. In turn when paired with other flows and running the xorg-server as root could potentially lead to privilege escalation. X.Org Server 1.20.9 to be released soon with this fix, which was discovered as part of the Trend Micro Zero Day Initiative.
Last edited by cwizardone; 07-31-2020 at 09:49 AM.
CHANGES BETWEEN 2.10.3 and 2.10.4
I. IMPORTANT BUG FIXES
- A heap buffer overflow has been found in the handling of embedded
PNG bitmaps, introduced in FreeType version 2.6.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
