Security Leftovers
-
Huawei Says Controversial Linux Kernel Patch Wasn’t Their Idea
A Huawei engineer contributed a patch to the Linux kernel, trying to help bolster the security of the widely deployed open source project. The patch was called “Huawei kernel self protection” (HKSP), and it allegedly featured various security-hardening options for the Linux kernel. Thinking that it was coming from a controversial entity, the Linux kernel team thoroughly scrutinized the patch and found that it contained a “trivially exploitable vulnerability.” The discovery was the work of “GRSecurity,” an entity that has been contributing security-hardening patches for the Linux kernel for a long time.
GRSecurity has even provided proof-of-concept (PoC) code showing how the vulnerability can be exploited by an unprivileged user. They called the HKSP patch a risk that creates new attack surface and introduces more problems than it attempts to solve in the first place. Naturally, this discovery sparked rumors about the contributor's intentions, about a long-shot Huawei goal of weakening the security of the Linux kernel, and more. Huawei responded by saying that their employee contributed on his own and that the company had no involvement in this action whatsoever.
-
Understanding the DTLS all-zero ClientHello.random vulnerability
A new vulnerability (CVE-2020-11501) has been discovered in the Datagram Transport Layer Security (DTLS) implementation in GnuTLS, where clients always send a fixed value (all-zero bytes) instead of random bytes in the first handshake message (ClientHello). The GnuTLS releases from 3.6.3 to 3.6.12 are affected by this vulnerability.
This vulnerability impacts Red Hat Enterprise Linux 8 and has been rated as having a Moderate impact by Red Hat Product Security. A fix for this issue has been delivered as part of RHSA-2020:1998, shipped on April 30, 2020.
-
Securing Linux's master sysadmin command: Sudo
Sudo is one of the most powerful and dangerous tools in the Unix or Linux system administrator's toolbox. With it, an ordinary user can run commands just as if he or she were the superuser or any other user. Now, One Identity, the company behind the utility, has released a new version of sudo, called sudo 1.9, which gives it better auditing, logging, and security than ever before.