Latest security news

SuSE Linux has issued multiple fixes for this issue in 2022:

https://linuxsecurity.com/search?searchword=IO-u r i n g &searchphrase=all

Latest Linux Malware News:

https://linuxsecurity.com/features/must-read-articles/linux-malware-the-truth-about-this-growing-threat-updated

And cross platform weak vectors where Java is running, primarily in Browsers:

https://linuxsecurity.com/news/security-vulnerabilities/openjdk-dos-info-disclosure-vulns-fixed

IceCat browser refuses web pages with Java and Stallman urges users to complain to owners of websites to remove Java code.

Chinese Hack attacks:

https://linuxsecurity.com/news/cryptography/chinese-hackers-use-dns-over-https-for-linux-malware-communication

And fake security researchers using stolen ID:

https://linuxsecurity.com/news/hackscracks/fake-zero-day-poc-exploits-on-github-push-windows-linux-malware

Note: stupid censorship not allowing "u r i n g"; remove spaces when in browser.

Tools for checking exploit vulnerabilities of the Linux kernel:

1 Like

Crosslink:

Reference 10 Aug 23:

Intel Response:

Oh, I wouldn't go that far...

"Zenception":

Interestingly, I notice today that the link I posted yesterday is down. Apparently hackread has been ummm... cough...
hacked...

1 Like

Link is still working here. Maybe they put another 5 cents in the meter.

3 Likes

**[Q] Is there any mitigation for Downfall?**

[A] Intel is releasing a microcode update which blocks transient results of gather instructions and prevents attacker code from observing speculative data from *Gather*.

I'd never heard of a "microcode update", some info if anyone's interested.

These Intel updates: will they work on Zorin, or if things like Secure Boot / UEFI are disabled?

Yes. These are not related to Secure Boot.
The microcode and firmware deal with the hardware (motherboard) Operating System, not Windows or Linux operating system.

I ask because, often, the update to fix firmware issues comes as a Windows .exe file only. Not sure what we could do if that's the case here.

sudo apt install linux-firmware

sudo service fwupd start

sudo fwupdmgr refresh

sudo fwupdmgr update

1 Like

Trying on the old HP Pavilion G4:

sudo fwupdmgr refresh

WARNING: UEFI firmware can not be updated in legacy BIOS mode
  See https://github.com/fwupd/fwupd/wiki/PluginFlag:legacy-bios for more information.
Firmware metadata last refresh: 16 hours ago. Use --force to refresh again.

I read the link, but I'm not sure what to do. Just ignore it? ("This warning can be ignored if UEFI firmware updates are not desired.") I don't know how entwined (or not) are firmware, UEFI and microcode.

Update 14 Aug '23:

apt list -u
Listing... Done
intel-microcode/focal-updates,focal-security 3.20230808.0ubuntu0.20.04.1 amd64 [upgradable from: 3.20230214.0ubuntu0.20.04.1]

Run

sudo apt update && apt list -u

to ensure intel-microcode upgrade is available on your regional server. If so, run

sudo apt upgrade

If not, please try again after a day or so.

1 Like

I have just used Software Updater.
FYI, OS Updates listed for installation were Intel microcode update and new kernel 5.15.0-70

2 Likes

Good to hear it's included in the latest Zorin Update. Unfortunately, the latest update killed my wifi (no longer detected).

31 Aug 2023

Please be sure to run your updates. Included in this recent batch is:
Changes for libelf1 versions:
Installed version: 0.176-1.1build1
Available version: 0.176-1.1ubuntu0.1

Version 0.176-1.1ubuntu0.1:

  • SECURITY UPDATE: infinite loop via a crafted file
    • debian/patches/CVE-2021-33294.patch: fix bounds checks and replace
      asserts with errors in src/readelf.c.
    • CVE-2021-33294
  • SECURITY UPDATE: heap-based buffer overwrite and reachable assertion
    • debian/patches/CVE-2020-21047.patch: fix bounds checks and replace
      asserts with errors in libcpu/i386_data.h and libcpu/i386_disasm.c.
    • CVE-2020-21047

Changes for amd64-microcode versions:
Installed version: 3.20191218.1ubuntu1.1
Available version: 3.20191218.1ubuntu1.2

Version 3.20191218.1ubuntu1.2:

  • SECURITY UPDATE: INCEPTION - information leak via speculative execution
    • amd-ucode/microcode_amd_fam19h.bin{.asc}: add AMD fam19h cpu
      microcode and signature for Inception vulnerability
    • New microcodes:
  Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079 Length=5568 bytes
  Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1 Length=5568 bytes
  Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234 Length=5568 bytes
  Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e Length=5568 bytes
  Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a10123e Length=5568 bytes
  Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116 Length=5568 bytes
  Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00212 Length=5568 bytes

CVE-2023-20569

Tagging @Bourne since you have raised questions in regards to some of this in previous posts.

2 Likes
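
Added example, not part of the thread or of any vendor tooling: once the microcode and kernel updates mentioned above are installed, the kernel publishes its own verdict per issue under `/sys/devices/system/cpu/vulnerabilities` (`gather_data_sampling` for Downfall, `spec_rstack_overflow` for Inception). This script reads those entries and the loaded microcode revision; the function names, the `not-reported` keyword and the `VULN_DIR`/`CPUINFO` overrides are assumptions of the example.

```shell
#!/bin/sh
# Added example: read the kernel's verdict on Downfall (GDS) and
# Inception (SRSO) after microcode/kernel updates have been applied.
# VULN_DIR and CPUINFO can be overridden to run the logic on sample files.
VULN_DIR="${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}"
CPUINFO="${CPUINFO:-/proc/cpuinfo}"

# Map a sysfs status line ("Not affected", "Vulnerable...", "Mitigation: ...")
# to a single keyword.
classify_status() {
    case "$1" in
        "Not affected"*) echo not-affected ;;
        Mitigation:*)    echo mitigated ;;
        Vulnerable*)     echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# check_entry <sysfs file name>
# A missing file means the running kernel predates the fix and cannot
# report on this issue at all, so a reboot into the updated kernel is needed.
check_entry() {
    f="$VULN_DIR/$1"
    if [ ! -r "$f" ]; then
        echo not-reported
        return 0
    fi
    line=""
    IFS= read -r line < "$f" || true
    classify_status "$line"
}

# Microcode revision currently loaded, as shown by the kernel (x86 only;
# prints nothing on other architectures).
microcode_rev() {
    [ -r "$CPUINFO" ] || return 0
    sed -n 's/^microcode[[:space:]]*:[[:space:]]*//p' "$CPUINFO" | head -n 1
}

report() {
    echo "microcode revision: $(microcode_rev)"
    echo "Downfall  (gather_data_sampling): $(check_entry gather_data_sampling)"
    echo "Inception (spec_rstack_overflow): $(check_entry spec_rstack_overflow)"
}

report
```

A `vulnerable` result after `sudo apt upgrade` usually means the machine has not been rebooted yet, since early microcode loading happens at boot.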

This item and link re Free Download Manager malware turned up in another thread.
Some of the Comments to the linked article are interesting, i.e. be wary where you download .deb's from and verify file checksums for downloads from reliable sources.

Does Clamav come with Zorin OS Core by default? - #8 by Thunder

2 Likes

I just clicked on the hyperlink of the first hash and this was the result:

And it lists it as arch, not deb!

Some thoughts on this piece of news:

Just a statement. I wanted to keep my answer here short, similar to others in the thread, as this article was mentioned elsewhere with some extra context.

So these days everything is attacked, Windows, Linux and macOS, for some trojans, backdoors etc.