Forwarded from memy zajebiste (MARCHWJ)
This media is not supported in your browser
VIEW IN TELEGRAM
https://www.zerodayinitiative.com/blog/2024/3/21/pwn2own-vancouver-2024-day-two-results
You might like to scroll this one, but I want to highlight an Ubuntu case.
STAR Labs SG was able to escalate permissions from a regular user to root.
As well as the Docker container escape case. By default Docker uses root deamon, so you don't even need to use the vulnerability I mentioned below.
Once again I urge to not use Ubuntu and use more secure distros with more advanced security protection like SELinux.
Use podman and rootless containers instead of Docker, this way by escaping containers you get only user permissions and ideally still restricted by SELinux policy which allows only r/o access by default.
You might like to scroll this one, but I want to highlight an Ubuntu case.
STAR Labs SG was able to escalate permissions from a regular user to root.
As well as the Docker container escape case. By default Docker uses root deamon, so you don't even need to use the vulnerability I mentioned below.
Once again I urge to not use Ubuntu and use more secure distros with more advanced security protection like SELinux.
Use podman and rootless containers instead of Docker, this way by escaping containers you get only user permissions and ideally still restricted by SELinux policy which allows only r/o access by default.
Zero Day Initiative
Zero Day Initiative β Pwn2Own Vancouver 2024 - Day Two Results
Welcome to the second and final day of Pwn2Own Vancouver 2024! We saw some amazing research yesterday, including a Tesla exploit and a single exploit hitting both Chrome and Edge. So far, we have paid out $723,500 for the event, and weβre poised to hit $1β¦
Forwarded from Griseus Wolf
Translate:
well, I wanted to bake a duck for New Year. Just before the New Year, it suddenly turned out that there were no whole ducks in the store, only spare parts. A strategic decision was made to take the duck parts and cook them. At home, I became upset that there would be no whole duck, and I tried to reconstruct the duck from the breasts and legs by stitching. At the same time, it turned out that the trays had not two, but three legs, making a total of six of them, five of them being left ones. While I was sewing the duck, I coated it a little with food coloring, which my sister had splashed in the kitchen while she was making gingerbread cookies (they turned out great gingerbread cookies, by the way), and the duck began to look like it was moldy or rotten. I did not tolerate such injustice and filled it all with dye to hide the stains. And then I stuffed her ass with celery and oranges, just because I could.
well, I wanted to bake a duck for New Year. Just before the New Year, it suddenly turned out that there were no whole ducks in the store, only spare parts. A strategic decision was made to take the duck parts and cook them. At home, I became upset that there would be no whole duck, and I tried to reconstruct the duck from the breasts and legs by stitching. At the same time, it turned out that the trays had not two, but three legs, making a total of six of them, five of them being left ones. While I was sewing the duck, I coated it a little with food coloring, which my sister had splashed in the kitchen while she was making gingerbread cookies (they turned out great gingerbread cookies, by the way), and the duck began to look like it was moldy or rotten. I did not tolerate such injustice and filled it all with dye to hide the stains. And then I stuffed her ass with celery and oranges, just because I could.
That's quite weird for me as I thought you're usually having durable laptops for education usually. Or were those ones made more for University instead of school?
Forwarded from OrangeFox Recovery NEWS
Recently, a backdoor in the xz package was reported (source: https://news.opensuse.org/2024/03/29/xz-backdoor/). Our OrangeFox infrastructure was utilizing the vulnerable version.
In order to safeguard the security of all our users, we have ultimately decided to shut down the infrastructure until we can ensure that there is no intrusion of any kind in our system.π¦
As the infrastructure operator, I acknowledge the recent downtimes and apologize for any inconvenience caused. Please stay tuned to this message as it will be updated periodically.
In order to safeguard the security of all our users, we have ultimately decided to shut down the infrastructure until we can ensure that there is no intrusion of any kind in our system.
As the infrastructure operator, I acknowledge the recent downtimes and apologize for any inconvenience caused. Please stay tuned to this message as it will be updated periodically.
Please open Telegram to view this post
VIEW IN TELEGRAM
π1π«‘1
Forwarded from mydarkstar
It was found that it is not an issue with systemd, but the fact that integrating other binaries which use liblzma with OpenSSH will lead to the issue in general.
Lennart Poettering mentions that the exploit can happen via pam->libselinux->liblzma and possibly in other cases too:
https://news.ycombinator.com/item?id=39867126
Lennart Poettering mentions that the exploit can happen via pam->libselinux->liblzma and possibly in other cases too:
https://news.ycombinator.com/item?id=39867126
Forwarded from mydarkstar
> Libselinux pulls in liblzma too and gets linked into tons more programs than libsystemd. And will end up in sshd too (at the very least via libpam/pam_selinux). And most of the really big distros tend do support selinux at least to some level. Hence systemd or not, sshd remains vulnerable by this specific attack.