What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

News CVE-2024-53104 Linux Kernel Out-of-Bounds Write Vulnerability

D

DJones

Very Senior Member
www.forbes.com

Critical Linux 0-Day Attack Warning: U.S. Government Says Act Now

As critical Linux attacks are confirmed, the Department of Homeland Security warns users to update now.
www.forbes.com www.forbes.com

NVD - CVE-2024-53104

nvd.nist.gov nvd.nist.gov

~ Redhat

Overall the risk in my opinion is low for everyday users, and would require a physical or virtual usb device with infected vulnerable code to execute on a Linux machine. Likely this code would have to come from a already vulnerable device. Not a security researcher so this is just from what I’ve read.
 
Last edited:
Once again Forbes writes an article that the sky is falling. As I see it, Linux kernel 2.5.26 is affected and the warning was to US Government Agencies.
 
bbunge said:
Once again Forbes writes an article that the sky is falling. As I see it, Linux kernel 2.5.26 is affected and the warning was to US Government Agencies.
Click to expand...

Yep. News articles sensationalize everything, this isn’t surprising to me what so ever. It’s a valid 0-day, but it’s not a concern for 99.9% of home users even android. For sysadmins in government or datacenters this could be a concern, but the physical nature of the penetration would mean it’s a targeted attack and you probably have bigger concerns at hand.
 
The press is out of touch with reality, but Red Hat should have released updates by now. Currently stable versions are 6.12.13 and 6.13.2 experimental is now 6.14 rc2

So they should have updated to the latest version of their subsystem which would be 6.12.13. This CVE was fixed in 6.12 rc8
 
Vuln's like this are more about a chain of attacks - e.g. peeling things up a step at a time...

Not all Linux distros are on the same timelines for mitigations - some might have it covered already, some might not.
 
sfx2000 said:
Not all Linux distros are on the same timelines for mitigations - some might have it covered already, some might not.
Click to expand...
Redhat is kind of a different animal as it behind a little in the update timeline compared to the experimental platform Fedora. Plus I think they leave their system buggy so they can get people to pay for their support.
 
the sky is always falling these days , it gets clicks sell print . Anything to make a buck
 
You must log in or register to reply here.

Similar threads

D
News Windows Wi-Fi Driver Remote Code Execution Vulnerability CVE-2024-30078
Replies
2
Views
2K
Wallace_n_Gromit
Wallace_n_Gromit
D
News Universal local privilege escalation linux cve-2024-1086
Replies
0
Views
506
DJones
D
D
News 'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systems
Replies
1
Views
845
Deleted member 77025
D
D
News New 28 year old Php/gnu c buffer overflow vulnerability.
Replies
4
Views
1K
sfx2000
sfx2000
Voxel
Voxel Custom firmware build for Orbi LBR20 v. 9.2.5.2.43SF-HW
Replies
4
Views
1K
Voxel
Voxel
Similar threads
Thread starter Title Forum Replies Date
D News Windows Wi-Fi Driver Remote Code Execution Vulnerability CVE-2024-30078 General Network Security 2
D News Universal local privilege escalation linux cve-2024-1086 General Network Security 0
XIII CVE-2024-31497: PuTTY vulnerability vuln-p521-bias General Network Security 3
sfx2000 CVE-2024-3094 - XZ Utils Backdoor - addtional info General Network Security 12
sfx2000 News SSID Confusion attack, tracked as CVE-2023-52424 General Network Security 4
sfx2000 SSH - introducing Secure Shells in Shambles - Blackhat 2024 General Network Security 1
D News Windows build 2024 and Ai Recall - Security Risk General Network Security 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 615 (members: 12, guests: 603)
Back
Top