R Software Solution

Patch now: This serious Linux vulnerability affects nearly all distributions

So, yeah, this is bad news with a capital B for Linux users. 

The vulnerability was introduced in April 2021 with the release of glibc 2.34. The flaw is a buffer overflow weakness in the glibc’s ld.so dynamic loader, a crucial component responsible for preparing and executing programs on Linux systems. The vulnerability is triggered when processing the GLIBC_TUNABLES environment variable, making it a significant threat to system integrity and security.

Also: New cryptographic protocol aims to bolster open-source software security

So, how bad is this really? To quote Saeed Abbasi, Qualys Threat Research Unit Product Manager, “This environment variable, intended to fine-tune and optimize applications linked with glibc, is an essential tool for developers and system administrators. Its misuse or exploitation broadly affects system performance, reliability, and security. … The ease with which the buffer overflow can be transformed into a data-only attack … could put countless systems at risk, especially given the extensive use of glibc across Linux distributions.”

And, yes, I’m sorry to say at least one exploit is already available to take advantage of this hole. 

So, what should you do about it? Patch. Patch it now. 

Also: 6 simple cybersecurity rules to live by

The good news is that Red Hat, Ubuntu, Debian, and Gentoo have all released their own updates. In addition, the upstream glibc code has been patched with the fix. 

If you can’t patch it, Red Hat has a script that should work on most Linux systems to mitigate the problem by setting your system to terminate any setuid program invoked with GLIBC_TUNABLES in the environment. 

So, get out there, make the patches, run the scripts, and, if you have vulnerable Internet of Things (IoT) devices, lock them down behind a firewall until a fix is in. Finally, as Porky Pig says, “That’s all, folks!”

Linux

The best Linux laptops for consumers and developers

Want to save your aging computer? Try these 5 Linux distributions

The best distros for beginners

How to enable Linux on your Chromebook (and why you should)

The best Linux laptops for consumers and developers

  • Want to save your aging computer? Try these 5 Linux distributions

  • The best distros for beginners

  • How to enable Linux on your Chromebook (and why you should)

    • Article source: https://www.zdnet.com/article/patch-now-this-serious-linux-vulnerability-affects-nearly-all-distributions/#ftag=RSSbaffb68

    Related posts

    January 17, 2024

    Linux Mint 21.3 is here

    January 07, 2024

    What Linux kernel maintainers do and why they need your help

    January 07, 2024

    Heavy metal Linux 6.6 has arrived