Sophos threat researcher Nick Gregory discovered a hole in Linux’s netfilter firewall program that’s “exploitable to achieve kernel code execution (via ROP [return-oriented programming]), giving full local privilege escalation, container escape, whatever you want.” ZDNet reports: Behind almost all Linux firewalls tools such as iptables; its newer version, nftables; firewalld; and ufw, is netfilter, which controls access to and from Linux’s network stack. It’s an essential Linux security program, so when a security hole is found in it, it’s a big deal. […] This problem exists because netfilter doesn’t handle its hardware offload feature correctly. A local, unprivileged attacker can use this to cause a denial-of-service (DoS), execute arbitrary code, and cause general mayhem. Adding insult to injury, this works even if the hardware being attacked doesn’t have offload functionality! That’s because, as Gregory wrote to a security list, “Despite being in code dealing with hardware offload, this is reachable
Tek Editor
Comments are closed.
Recent Posts
- The spam came from inside the house: How a smart TV can choke a Windows PC
- HashiCorp Reportedly Being Acquired By IBM
- Microsoft’s Phi-3 shows the surprising power of small, locally run AI language models
- No One Can Own the Law–So Why Is Congress Extending Copyright to It?
- You can now disable some of Fortnite’s most toxic emotes
Recent Comments
Archives
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- June 2021
- August 2020
Categories
- A.I.
- AALL Annual
- AALL Virtual Coffee Chat
- ABA TECHSHOW
- academia
- accessibility
- ActivityPub
- ai
- amazon prime
- Android 12
- animaze
- annotation
- api
- apps
- architecture
- archives
- artificial intelligence
- assessment
- Assetto Corsa
- audio
- Automobilista 2
- Awards
- aws
- Backdrop
- BERT
- books
- burnout
- cali
- cats
- CG
- chairs
- ChatLaw
- Chris Locke
- CKEditor
- clio
- Closed Course
- cloud software
- cloud storage
- code completion
- computers
- conferences
- configuration
- cooking
- Cool Tools
- CoolTools
- Cornell
- COVID
- covid-19
- COVID19
- cyberspace
- data extraction
- DDEV
- deep learning
- design patterns
- Dirt 4
- docker
- drum plugin
- drupal
- Drupal 10
- Drupal 11
- Drupal 7
- Drupal 8
- Drupal 9
- education
- elangdell
- elections
- embedding
- Emerging Technologies
- entertainment
- eprints
- facial recognition
- fediverse
- fine tuning
- food
- formula 1
- free instruments
- free sounds
- free tracks
- games
- GGML
- gitlab
- go
- gpt-3
- Grants
- Haystack
- hbo
- hbo max
- high performance
- higher education
- Home Assistant
- home automation
- Huggingface
- Hypothesis
- IIS
- instruction
- javascript
- Jupyter Lab
- Jupyter notebook
- keynote
- LangChain
- legal ed
- legal education
- Legal Information Institute
- legal research
- legal technology
- LII
- linux
- llama
- llamaindex
- LLM
- machine learning
- macs
- Mailman
- Mattermost
- metaverse
- Miniconda
- mods
- motivation
- movies
- music
- neural network
- NewsFeed
- NewsFeeds
- node-red
- node.js
- nvidia
- OAI
- open access
- Open Access Week 2021
- Open Assistant
- open source
- PC Gaming
- performance
- perl
- personalization
- PHP8
- Pinecone
- Pipermail
- plugins
- podcasts
- Polis
- posts
- progressive web app
- project management
- PWA
- python
- pytorch
- Race Sim Studios
- Rageboy
- raspberry pi
- rbg
- reading list
- recipes
- remote connections
- repository
- ribs
- s3
- scoring
- search
- security
- self-care
- sentence transformer
- settings
- sim racing
- sis
- slack
- snap camera
- social inequality
- sound
- sql
- StarCoder2
- streaming
- student information system
- student loans
- support
- technology competencies
- techshow
- teknoids
- television
- teleworking
- text
- text comparison
- The List
- thoughts
- Thurstmaster
- TMX
- Tom Bruce
- training
- trends
- tweets
- ubuntu
- unstructured
- usability
- vector db
- vicuna
- video
- virtual conferences
- weekend projects
- wellness
- windows
- windows 11
- windows subsystem for linux
- wordpress
- work
- work from home
- work productivity
- wsl2
- youtube
- yummy
- zoom
- Zoom filters