Latest security news

Aravisian · 10 August 2023 18:19

sudo apt install linux-firmware

sudo service fwupd start

sudo fwupdmgr refresh

sudo fwupdmgr update

4box · 10 August 2023 18:41

Trying on the old HP Pavilion G4:

sudo fwupdmgr refresh

WARNING: UEFI firmware can not be updated in legacy BIOS mode
  See https://github.com/fwupd/fwupd/wiki/PluginFlag:legacy-bios for more information.
Firmware metadata last refresh: 16 hours ago. Use --force to refresh again.

I read the link, but I'm not sure what to do. Just ignore it? ("This warning can be ignored if UEFI firmware updates are not desired.") I don't know how entwined (or not) are firmware, UEFI and microcode.

Aravisian · 14 August 2023 13:17

Update 14 Aug '23:

apt list -u                                                                                    ─╯
Listing... Done
intel-microcode/focal-updates,focal-security 3.20230808.0ubuntu0.20.04.1 amd64 [upgradable from: 3.20230214.0ubuntu0.20.04.1]

Run

sudo apt update && apt list -u

to ensure intel-microcode upgrade is available on your regional server. If so, run

sudo apt upgrade

If not, please try again after a day or so.

zabadabadoo · 14 August 2023 15:49

I have just used Software Updater.
FYI, OS Updates listed for installation were Intel microcode update and new kernel 5.15.0-70

4box · 14 August 2023 21:07

Good to hear it's included in the latest Zorin Update. Unfortunately, the latest update killed my wifi (no longer detected).

Aravisian · 31 August 2023 22:12

31 Aug 2023

Please be sure to run your updates. Included in this recent batch is:
Changes for libelf1 versions:
Installed version: 0.176-1.1build1
Available version: 0.176-1.1ubuntu0.1

Version 0.176-1.1ubuntu0.1:

SECURITY UPDATE: infinite loop via a crafted file
- debian/patches/CVE-2021-33294.patch: fix bounds checks and replace
  asserts with errors in src/readelf.c.
- CVE-2021-33294
SECURITY UPDATE: heap-based buffer overwrite and reachable assertion
- debian/patches/CVE-2020-21047.patch: fix bounds checks and replace
  asserts with errors in libcpu/i386_data.h and libcpu/i386_disasm.c.
- CVE-2020-21047

Changes for amd64-microcode versions:
Installed version: 3.20191218.1ubuntu1.1
Available version: 3.20191218.1ubuntu1.2

Version 3.20191218.1ubuntu1.2:

SECURITY UPDATE: INCEPTION - information leak via speculative execution
- amd-ucode/microcode_amd_fam19h.bin{.asc}: add AMD fam19h cpu
  microcode and signature for Inception vulnerability
- New microcodes:

Summary

  Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079 Length=5568 bytes
  Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1 Length=5568 bytes
  Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234 Length=5568 bytes
  Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e Length=5568 bytes
  Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a10123e Length=5568 bytes
  Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116 Length=5568 bytes
  Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00212 Length=5568 bytes

CVE-2023-20569

Tagging @Bourne since you have raised questions in regards to some of this in previous posts.

zabadabadoo · 13 September 2023 08:09

This item and link re Free Download Manager malware turned up in another thread.
Some of the Comments to the linked article are interesting i.e. be wary where you download .deb's from and verify file checksums for downloads from reliable sources. Does Clamav come with Zorin OS Core by default? - #8 by Thunder

Bourne · 17 September 2023 18:14

swarfendor437 · 17 September 2023 18:31

I just clicked on the hyperlink of the first hash and this was the result:

And it lists it as arch, not deb!

zenzen · 17 September 2023 21:42

Some thoughts on this piece of news:

337harvey · 18 September 2023 07:03

Is this a question or a statement to elicit response?

zenzen · 18 September 2023 08:12

Just a statement. I wanted to keep my answer here it short, similar to others in the thread, as this article was mentioned elsewhere with some extra context.

Bourne · 18 September 2023 13:54

So this days everything is atacked windows,linux and macos for some trojans,backdoors etc.

Bourne · 8 October 2023 11:03

https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt

swarfendor437 · 10 October 2023 06:41

I started to read this and have been aware of glib.c issues in the past that were fixed. I couldn't see any reference as to whether this was a local attack (which means someone who has either access to the machine or on the same network), or more importantly whether the code could be executed remotely. A lot of security issues in the past have been concerned with local attacks, not remote ones. It would have been better if the research had stated what vectors enable the execution of the security breach. If someone is sat outside your house with two notebooks open you would know that they are probably trying to snarf your network!

337harvey · 10 October 2023 07:29

@swarfendor437, the link title states its local (or at least the url):

zabadabadoo · 14 October 2023 14:16

Just found this item re Gnome.

swarfendor437 · 16 October 2023 11:24

I read with interest the second article about JavaScript. Time to switch to IceCat methinks! In terms of the cue for searching for files, I think this is off by default in Zorin (Settings) which I described in the Unofficial Manual for Zorin 15 but correct me if I am wrong. (Page 49 - Search in Settings).

Aravisian · 27 October 2023 01:55

Oauth fumbles yet again with more security holes:

Aravisian · 29 October 2023 02:47

Crosslink: