- hygieia ( @hygieia@feddit.nl ) 73•1 year ago
CVE-2023-2640 and CVE-2023-32629 if you don’t fancy spending an age clicking Object to all the ‘legitimate interest’ cookie shit.
- dookie ( @dookie@kbin.cafe ) 5•1 year ago
bro doesn't have an adblocker?
- moreeni ( @moreeni@lemm.ee ) 5•1 year ago
And a script blocker like NoScript
- garam ( @garam@lemmy.my.id ) English4•1 year ago
All disable script altogether on foreign site using uBO
- maiskanzler ( @maiskanzler@feddit.de ) 4•1 year ago
Tip: “I still don’t care about cookies” for desktop browsers + deleting all cookies at the end of the browser session works flawlessly for me.
- Yewb ( @Yewb@kbin.social ) 23•1 year ago
CVE-2023-2640
Needs a user account on the system (even unprivileged accounts) via overlayfs
Overlayfs allows one, usually read-write, directory tree to be overlaid onto another, read-only directory tree. All modifications go to the upper, writable layer. This type of mechanism is most often used for live CDs but there is a wide variety of other uses.
- darkmugglet ( @darkmugglet@lemm.ee ) 3•1 year ago
Or a docker container.
- astraeus ( @astraeus@programming.dev ) 10•1 year ago
Couldn’t find whether this even impacts LTS builds. Either way, seems like patching should resolve the issue
- style99 ( @style99@kbin.social ) 4•1 year ago
LTS uses the 5.15 Linux kernel (by default). This vulnerability impacts 6.2.
- RoundSparrow ( @RoundSparrow@lemmy.ml ) 6•1 year ago
If I understand correctly… Ubuntu 22.04.2 LTS has 5.19 kernel by default: https://9to5linux.com/ubuntu-22-04-2-lts-released-with-linux-kernel-5-19-updated-components “the Ubuntu 22.04.2 LTS point release also comes with a newer kernel, namely Linux 5.19, from the Ubuntu 22.10 (Kinetic Kudu) release”
As you said, if it is only 6.2, still out of the window.
- ReversalHatchery ( @ReversalHatchery@beehaw.org ) 10•1 year ago
Is this an Ubuntu specialty, or are other distros also affected?
- schizosfera ( @schizosfera@feddit.de ) 6•1 year ago
They are specific to the kernels delivered with Ubuntu because of changes introduced by Canonical in OverlayFS:
Source: Ubuntu Website
- Roq ( @roq@noc.social ) 8•1 year ago
@leo what’s the solution, is it just the normal apt update/upgrade or something more complicated? And is it possible to know if a machine has suffered such an attack at all?
According to the Ubuntu bulletin, a simple update is sufficient.
The Wiz announcement didn’t really go into specifics, so not sure other than normal user auditing.
- djsaskdja ( @djsaskdja@reddthat.com ) 8•1 year ago
Typical lolbuntu move
- prenatal_confusion ( @prenatal_confusion@lemmy.one ) 3•1 year ago
<°==<
- Yewb ( @Yewb@kbin.social ) 4•1 year ago
Needs a user account on the system (even unprivileged accounts) via overlayfs
Overlayfs allows one, usually read-write, directory tree to be overlaid onto another, read-only directory tree. All modifications go to the upper, writable layer. This type of mechanism is most often used for live CDs but there is a wide variety of other uses.