• Serious Security: The Linux kernel bugs that surfaced after 15 years

    From Manu Raju@T@invalid.invalid to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 06:12:57 2021
    From Newsgroup: alt.os.linux.ubuntu


    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>






    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From J.O. Aho@user@example.net to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 12:00:30 2021
    From Newsgroup: alt.os.linux.ubuntu


    On 28/03/2021 07.12, Manu Raju wrote:

    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>

    Only serious if you use iSCSI which the majority of Linux users don't,
    sure the impact could be bad if your cloud service used iSCSI instead of distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug recently found.

    --

    //Aho
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From William Unruh@unruh@invalid.ca to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 15:50:11 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 2021-03-28, J.O. Aho <user@example.net> wrote:

    On 28/03/2021 07.12, Manu Raju wrote:

    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>

    Only serious if you use iSCSI which the majority of Linux users don't,
    sure the impact could be bad if your cloud service used iSCSI instead of distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug recently found.


    From the web page:
    "The researchers were able to find software that an unprivileged
    attacker could run in order to activate the buggy driver code they’d
    found, and they were able to produce working exploits"


    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From David W. Hodgins@dwhodgins@nomail.afraid.org to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 12:10:32 2021
    From Newsgroup: alt.os.linux.ubuntu

    On Sun, 28 Mar 2021 11:50:11 -0400, William Unruh <unruh@invalid.ca> wrote:
    On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 07.12, Manu Raju wrote:
    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>
    Only serious if you use iSCSI which the majority of Linux users don't,
    sure the impact could be bad if your cloud service used iSCSI instead of
    distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug recently
    found.

    From the web page:
    "The researchers were able to find software that an unprivileged
    attacker could run in order to activate the buggy driver code they’d
    found, and they were able to produce working exploits"

    The point is that iscsi is rarely used. It has no impact on systems that do not use iscsi (internet scsi). MS exchange is used on almost all servers using windows.

    Regards, Dave Hodgins

    --
    Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
    email replies.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From J.O. Aho@user@example.net to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 18:25:29 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 28/03/2021 17.50, William Unruh wrote:
    On 2021-03-28, J.O. Aho <user@example.net> wrote:

    On 28/03/2021 07.12, Manu Raju wrote:

    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>

    Only serious if you use iSCSI which the majority of Linux users don't,
    sure the impact could be bad if your cloud service used iSCSI instead of
    distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug recently
    found.


    From the web page:
    "The researchers were able to find software that an unprivileged
    attacker could run in order to activate the buggy driver code they’d
    found, and they were able to produce working exploits"

    You need to load the module before you can exploit it, this will in most
    cases require you gain root access, and then run the exploit, this of
    course requires you have some kind of access to the machine either
    another set of vulnerabilities or an account.

    Sure if you already have some network scsi devices mounted, then it's
    just get to execute the code, either by other vulnerabilities or an
    account on the machine.


    Compare that with the current vulnerability in ms-exchange which is
    remotely exploitable and only needs a tweaked set of packages to be sent
    to gain hold of the system. Exploit was released on github which
    microsoft went and deleted without the repository owner knew of it, but
    I would say that was already too late as the exploit is use widely out
    in the wild. CVE-2021-26855 (critical), CVE-2021-26857 (high),
    CVE-2021-26858 (high), CVE-2021-27065 (high).


    So is the iSCSI bug a wolf or maybe just a mouse, sure there are systems
    where it could cause a lot of problems, but the majority of Linux
    devices do not use iSCSI.

    --

    //Aho


    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From William Unruh@unruh@invalid.ca to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 18:03:52 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 2021-03-28, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 28 Mar 2021 11:50:11 -0400, William Unruh <unruh@invalid.ca> wrote:
    On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 07.12, Manu Raju wrote:
    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>
    Only serious if you use iSCSI which the majority of Linux users don't,
    sure the impact could be bad if your cloud service used iSCSI instead of >>> distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug recently >>> found.

    From the web page:
    "The researchers were able to find software that an unprivileged
    attacker could run in order to activate the buggy driver code they’d
    found, and they were able to produce working exploits"

    The point is that iscsi is rarely used. It has no impact on systems that do not
    use iscsi (internet scsi). MS exchange is used on almost all servers using windows.

    No idea why MS exchange is coming in here. Their announcement was never
    a competition.

    The question is whether or not someone can get onto a machine which does
    not use iscsi, but where the module for iscsi is installed on the
    machine, and use these bugs to to get at the machine. The implication
    from the web page is yes, it can be so used. If true, then whether or
    not that machine uses iscsi is irrelevant. But I certainly do not know
    if it can thus be used.

    My standard Mageia 7 installation has a directory /usr/lib/modules/5.10.19-desktop-1.mga7/kernel/drivers/target/iscsi
    which suggests that the module is available and could be loaded by an "appropriate program".


    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From William Unruh@unruh@invalid.ca to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 18:07:12 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 17.50, William Unruh wrote:
    On 2021-03-28, J.O. Aho <user@example.net> wrote:

    On 28/03/2021 07.12, Manu Raju wrote:

    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>

    Only serious if you use iSCSI which the majority of Linux users don't,
    sure the impact could be bad if your cloud service used iSCSI instead of >>> distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug recently >>> found.


    From the web page:
    "The researchers were able to find software that an unprivileged
    attacker could run in order to activate the buggy driver code they’d
    found, and they were able to produce working exploits"

    You need to load the module before you can exploit it, this will in most cases require you gain root access, and then run the exploit, this of
    course requires you have some kind of access to the machine either
    another set of vulnerabilities or an account.

    Sure if you already have some network scsi devices mounted, then it's
    just get to execute the code, either by other vulnerabilities or an
    account on the machine.

    The web page intimates that an attacker with user priviledges (not root)
    could run an appropriate program to get that module loaded and then use
    the bugs. They do not give enough information to show how.



    Compare that with the current vulnerability in ms-exchange which is

    Again, who cares if the MS one is worse?


    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From yossarian@yossarian@novalid.com to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 20:37:29 2021
    From Newsgroup: alt.os.linux.ubuntu

    On Sun, 28 Mar 2021 18:03:52 -0000 (UTC)
    William Unruh <unruh@invalid.ca> wrote:
    The question is whether or not someone can get onto a machine which does
    not use iscsi, but where the module for iscsi is installed on the
    machine, and use these bugs to to get at the machine. The implication
    from the web page is yes, it can be so used. If true, then whether or
    not that machine uses iscsi is irrelevant. But I certainly do not know
    if it can thus be used.
    from page you linked
    Fortunately, it seemed that no one else had looked at the code for all that time, at least not diligently enough to spot the bugs, so they’re now patched and the three CVEs they found are now fixed:
    so no problemo
    --
    Mint 20.00, kernel 5.4.0-58-generic, Cinnamon 4.6.7
    running on an AMD Ryzen 3 3200G with Radeon Vega Graphics×4 with 16GB of DRAM. --- Synchronet 3.18a-Linux NewsLink 1.113
  • From David W. Hodgins@dwhodgins@nomail.afraid.org to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 14:25:23 2021
    From Newsgroup: alt.os.linux.ubuntu

    On Sun, 28 Mar 2021 14:03:52 -0400, William Unruh <unruh@invalid.ca> wrote:

    On 2021-03-28, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 28 Mar 2021 11:50:11 -0400, William Unruh <unruh@invalid.ca> wrote: >>> On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 07.12, Manu Raju wrote:
    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>
    Only serious if you use iSCSI which the majority of Linux users don't, >>>> sure the impact could be bad if your cloud service used iSCSI instead of >>>> distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug recently >>>> found.

    From the web page:
    "The researchers were able to find software that an unprivileged
    attacker could run in order to activate the buggy driver code they’d
    found, and they were able to produce working exploits"

    The point is that iscsi is rarely used. It has no impact on systems that do not
    use iscsi (internet scsi). MS exchange is used on almost all servers using windows.

    No idea why MS exchange is coming in here. Their announcement was never
    a competition.

    The question is whether or not someone can get onto a machine which does
    not use iscsi, but where the module for iscsi is installed on the
    machine, and use these bugs to to get at the machine. The implication
    from the web page is yes, it can be so used. If true, then whether or
    not that machine uses iscsi is irrelevant. But I certainly do not know
    if it can thus be used.

    My standard Mageia 7 installation has a directory /usr/lib/modules/5.10.19-desktop-1.mga7/kernel/drivers/target/iscsi
    which suggests that the module is available and could be loaded by an "appropriate program".

    The module can be auto loaded, but isn't in most distributions, unless you've configured iscsi devices.
    # zgrep ISCSI_TCP /proc/config.gz
    CONFIG_ISCSI_TCP=m

    In addition, to that, the iscsi device(s) would have to be accessible from
    the internet for the exploit to be remotely vulnerable.

    So no firewall, and either directly connected to the net or with a router set to forward traffic to tcp ports 860 and 3260 on one of the systems configured to use iscsi.

    It's possible, but pretty rare.

    Regards, Dave Hodgins

    --
    Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
    email replies.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From David W. Hodgins@dwhodgins@nomail.afraid.org to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 14:45:50 2021
    From Newsgroup: alt.os.linux.ubuntu

    On Sun, 28 Mar 2021 14:25:23 -0400, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
    In addition, to that, the iscsi device(s) would have to be accessible from the internet for the exploit to be remotely vulnerable.

    Just checked the kernel update that fixed the last part of the issue for Mageia was
    released March 22th, 2021.
    https://advisories.mageia.org/MGASA-2021-0151.html

    Regards, Dave Hodgins

    --
    Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
    email replies.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From David W. Hodgins@dwhodgins@nomail.afraid.org to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 16:40:42 2021
    From Newsgroup: alt.os.linux.ubuntu

    On Sun, 28 Mar 2021 14:07:12 -0400, William Unruh <unruh@invalid.ca> wrote:
    The web page intimates that an attacker with user priviledges (not root) could run an appropriate program to get that module loaded and then use
    the bugs. They do not give enough information to show how.

    Only if root has already configured an iscsi device that the user can mount.

    Regards, Dave Hodgins

    --
    Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
    email replies.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From TheSidhe@nic@none.net to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sun Mar 28 18:23:43 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 3/28/21 1:12 AM, Manu Raju wrote:

    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>







    From the article--
    …in code that had been sitting there inconspicuously for some 15 years.

    Fortunately, it seemed that no one else had looked at the code for all
    that time, at least not diligently enough to spot the bugs, so they’re
    now patched and the three CVEs they found are now fixed:

    CVE-2021-27365. Exploitable heap buffer overflow due to the use of sprintf().
    CVE-2021-27363. Kernel address leak due to pointer used as unique ID.
    CVE-2021-27364. Buffer overread leading to data leakage or denial
    of service (kernel panic).

    and I asked myself what does this mean, it made me feel unhappy and incompetent that I did not know what "Exploitable heap buffer overflow
    due to the use of sprintf" and upon further reflection I asked for
    information about the isp for the website here is what I got--





    IPv4
    IPv6
    ISP
    Domain
    My IP
    Options
    About

    Server IP:
    Reverse DNS (PTR) <no PTR record>
    AS number AS2635
    AS name (ISP) Automattic, Inc
    IP-range/subnet 192.0.66.0/24
    Network tools
    Location United States (US)

    Hosting
    Number of domains hosted 31
    Domain DomainRank
    nabshow.com 62
    edn.com 57
    thecmoclub.com 51
    vinsolutions.com 43
    radioshowweb.com 36
    DNSBL
    IP address is listed.
    DNSBL Status DNSBL Status
    dnsbl.spfbl.net Listed b.barracudacentral.org OK
    bl.spamcop.net OK cbl.abuseat.org OK
    db.wpbl.info OK dnsbl-1.uceprotect.net OK
    dnsbl-2.uceprotect.net OK dnsbl-3.uceprotect.net OK
    dnsbl.dronebl.org OK dnsbl.sorbs.net OK
    dul.dnsbl.sorbs.net OK dyna.spamrats.com OK
    http.dnsbl.sorbs.net OK ips.backscatterer.org OK
    korea.services.net OK misc.dnsbl.sorbs.net OK
    pbl.spamhaus.org OK psbl.surriel.com OK
    sbl.spamhaus.org OK smtp.dnsbl.sorbs.net OK
    spam.dnsbl.sorbs.net OK spam.spamrats.com OK recent.spam.dnsbl.sorbs.net OK ubl.unsubscore.com OK xbl.spamhaus.org OK zen.spamhaus.org OK
    Whois

    #
    # ARIN WHOIS data and services are subject to the Terms of Use
    # available at: https://www.arin.net/resources/registry/whois/tou/
    #
    # If you see inaccuracies in the results, please report at
    # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
    #
    # Copyright 1997-2021, American Registry for Internet Numbers, Ltd.
    #


    NetRange: 192.0.64.0 - 192.0.127.255
    CIDR: 192.0.64.0/18
    NetName: AUTOMATTIC
    NetHandle: NET-192-0-64-0-1
    Parent: NET192 (NET-192-0-0-0-0)
    NetType: Direct Assignment
    OriginAS: AS2635
    Organization: Automattic, Inc (AUTOM-93)
    RegDate: 2012-11-20
    Updated: 2012-11-20
    Ref: https://rdap.arin.net/registry/ip/192.0.64.0


    OrgName: Automattic, Inc
    OrgId: AUTOM-93
    Address: 60 29th Street #343
    City: San Francisco
    StateProv: CA
    PostalCode: 94110
    Country: US
    RegDate: 2011-10-05
    Updated: 2019-11-21
    Ref: https://rdap.arin.net/registry/entity/AUTOM-93


    OrgNOCHandle: NOC12276-ARIN
    OrgNOCName: NOC
    OrgNOCPhone: +1-877-273-8550
    OrgNOCEmail: ipadmin@automattic.com
    OrgNOCRef: https://rdap.arin.net/registry/entity/NOC12276-ARIN

    OrgAbuseHandle: ABUSE3970-ARIN
    OrgAbuseName: Abuse
    OrgAbusePhone: +1-877-273-8550
    OrgAbuseEmail: abuse@automattic.com
    OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3970-ARIN

    OrgTechHandle: NOC12276-ARIN
    OrgTechName: NOC
    OrgTechPhone: +1-877-273-8550
    OrgTechEmail: ipadmin@automattic.com
    OrgTechRef: https://rdap.arin.net/registry/entity/NOC12276-ARIN


    #
    # ARIN WHOIS data and services are subject to the Terms of Use
    # available at: https://www.arin.net/resources/registry/whois/tou/
    #
    # If you see inaccuracies in the results, please report at
    # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
    #
    # Copyright 1997-2021, American Registry for Internet Numbers, Ltd.
    #
    ------------------

    Notice the name Automattic, Inc, employing 1700 people, and thus I will continue to use Linux in every way.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From J.O. Aho@user@example.net to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Mon Mar 29 07:32:06 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 28/03/2021 20.03, William Unruh wrote:
    On 2021-03-28, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 28 Mar 2021 11:50:11 -0400, William Unruh <unruh@invalid.ca> wrote: >>> On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 07.12, Manu Raju wrote:
    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>
    Only serious if you use iSCSI which the majority of Linux users don't, >>>> sure the impact could be bad if your cloud service used iSCSI instead of >>>> distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug recently >>>> found.

    From the web page:
    "The researchers were able to find software that an unprivileged
    attacker could run in order to activate the buggy driver code they’d
    found, and they were able to produce working exploits"

    The point is that iscsi is rarely used. It has no impact on systems that do not
    use iscsi (internet scsi). MS exchange is used on almost all servers using windows.

    No idea why MS exchange is coming in here. Their announcement was never
    a competition.

    To show what a real serious bug is that is easily remote executed and
    actively used.


    The question is whether or not someone can get onto a machine which does
    not use iscsi, but where the module for iscsi is installed on the
    machine, and use these bugs to to get at the machine. The implication
    from the web page is yes, it can be so used. If true, then whether or
    not that machine uses iscsi is irrelevant. But I certainly do not know
    if it can thus be used.

    By default you will not have it loaded nor have you configured a device
    to use it in your fstab or multi path configuration, so there will not
    be anything that loads it, which leaves you need root access or a vulnerability that gives you that privilege.

    simple verification: lsmod | grep iscsi


    My standard Mageia 7 installation has a directory /usr/lib/modules/5.10.19-desktop-1.mga7/kernel/drivers/target/iscsi
    which suggests that the module is available and could be loaded by an "appropriate program".

    rm -rf /usr/lib/modules/5.10.19-desktop-1.mga7/kernel/drivers/target/iscsi

    and problem solved.


    --

    //Aho
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From William Unruh@unruh@invalid.ca to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Mon Mar 29 06:11:42 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 2021-03-28, TheSidhe <nic@none.net> wrote:
    On 3/28/21 1:12 AM, Manu Raju wrote:

    <https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/>







    From the article--
    …in code that had been sitting there inconspicuously for some 15 years.

    Fortunately, it seemed that no one else had looked at the code for all
    that time, at least not diligently enough to spot the bugs, so they’re
    now patched and the three CVEs they found are now fixed:

    CVE-2021-27365. Exploitable heap buffer overflow due to the use of sprintf().
    CVE-2021-27363. Kernel address leak due to pointer used as unique ID.
    CVE-2021-27364. Buffer overread leading to data leakage or denial
    of service (kernel panic).

    and I asked myself what does this mean, it made me feel unhappy and incompetent that I did not know what "Exploitable heap buffer overflow
    due to the use of sprintf" and upon further reflection I asked for information about the isp for the website here is what I got--

    It means that the function sprintf is used in the program. sprintf
    copies input to a string variable, but does not check how long the input
    is. The string variable has only a certain number of bytes allocated to
    it in memory (on the heap) but since sprintf does not check, it can copy
    far more onto the heap than is allocated. Now other stuff stored on the
    "heap" like the address of the part of the program where execution is
    supposed to return to after the subroutine finishes. Thus the hacker can
    get the program to overwrite that return address, and sustitute any
    address the hacker wants it to return to ( and execute the hacker's
    code).Sine this is inside a module, it is running as root, so the hacker
    can get the system to execute the hacker's code as root.

    .....

    Much network ip lookup eliminated.
    #
    ------------------

    Notice the name Automattic, Inc, employing 1700 people, and thus I will continue to use Linux in every way.


    I would however update your kernel to the latest kernels just to slam
    shut this door (which is probably not open terrible often anyway). So
    yes, continue to use Linux, but keep it up to date.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From David W. Hodgins@dwhodgins@nomail.afraid.org to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Mon Mar 29 03:07:55 2021
    From Newsgroup: alt.os.linux.ubuntu

    On Mon, 29 Mar 2021 01:32:06 -0400, J.O. Aho <user@example.net> wrote:
    By default you will not have it loaded nor have you configured a device
    to use it in your fstab or multi path configuration, so there will not
    be anything that loads it, which leaves you need root access or a vulnerability that gives you that privilege.
    simple verification: lsmod | grep iscsi

    It would also be vulnerable if a distro or person compiles their kernel with the module builtin rather then as a loadable module. I doubt anyone or a distro would do that unless they actually use it.

    It may be builtin in some internet of things devices, but I doubt there are
    any that do.

    Regards, Dave Hodgins

    --
    Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
    email replies.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From DanS@t.h.i.s.n.t.h.a.t@r.o.a.d.r.u.n.n.e.r.c.o.m to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Mon Mar 29 16:53:09 2021
    From Newsgroup: alt.os.linux.ubuntu

    William Unruh <unruh@invalid.ca> wrote in
    news:s3qge8$kim$1@dont-email.me:

    On 2021-03-28, David W. Hodgins
    <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 28 Mar 2021 11:50:11 -0400, William Unruh
    <unruh@invalid.ca> wrote:
    On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 07.12, Manu Raju wrote:
    <https://nakedsecurity.sophos.com/2021/03/17/serious-sec
    urity-the-linux-kernel-bugs-that-surfaced-after-15-years

    Only serious if you use iSCSI which the majority of
    Linux users don't, sure the impact could be bad if your
    cloud service used iSCSI instead of distributed storage.

    The effect of the bugs are far smaller than the
    ms-exchange bug recently found.

    From the web page:
    "The researchers were able to find software that an
    unprivileged attacker could run in order to activate the
    buggy driver code they’d found, and they were able to
    produce working exploits"

    The point is that iscsi is rarely used. It has no impact
    on systems that do not use iscsi (internet scsi). MS
    exchange is used on almost all servers using windows.

    No idea why MS exchange is coming in here

    LOL...Really?

    I see it as the same thing as Trumpers, whenever you talk about things he'd done that
    you don't like....and have verified facts and information to completely support your view
    on it, and they'll be all...

    "...bu, bu, bu, bu..what about Hillary?!?!"

    I STILL hear this, even after Biden was sworn in.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From Aragorn@thorongil@telenet.be to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Tue Mar 30 13:11:35 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 29.03.2021 at 16:53, DanS scribbled:
    I see it as the same thing as Trumpers, whenever you talk about
    things he'd done that you don't like....and have verified facts and information to completely support your view on it, and they'll be
    all...

    "...bu, bu, bu, bu..what about Hillary?!?!"

    I STILL hear this, even after Biden was sworn in.
    You should check out the latest conspiracy theory regarding Hillary.
    The QAnon idiots are now claiming that Trump's "white hats" have
    deliberately caused that container ship to get lodged in the Suez Canal
    because there are allegedly children in those containers that the
    reptilian shapeshifting communist pedophiles from the 76th dimension of
    the Pizzagate™ pedo ring are smuggling around the world. And Hillary
    even put her name on the ship, because its registration number is
    "HR7C" (or something like that).
    I kid you not. 10 million Americans believe that shit. <facepalm>
    --
    With respect,
    = Aragorn =
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From Bobbie Sellers@bliss@mouse-potato.com to alt.os.linux.ubuntu on Tue Mar 30 08:22:04 2021
    From Newsgroup: alt.os.linux.ubuntu

    On 3/30/21 4:11 AM, Aragorn wrote:
    On 29.03.2021 at 16:53, DanS scribbled:


    I see it as the same thing as Trumpers, whenever you talk about
    things he'd done that you don't like....and have verified facts and
    information to completely support your view on it, and they'll be
    all...

    "...bu, bu, bu, bu..what about Hillary?!?!"

    I STILL hear this, even after Biden was sworn in.

    You should check out the latest conspiracy theory regarding Hillary.

    The QAnon idiots are now claiming that Trump's "white hats" have
    deliberately caused that container ship to get lodged in the Suez Canal because there are allegedly children in those containers that the
    reptilian shapeshifting communist pedophiles from the 76th dimension of
    the Pizzagate™ pedo ring are smuggling around the world. And Hillary
    even put her name on the ship, because its registration number is
    "HR7C" (or something like that).

    I kid you not. 10 million Americans believe that shit. <facepalm>

    If it was only 10 million Americans but probably closer to
    to at least 3 times that. We have about 330,000,000 Americans
    which is why vaccination is such a monumental task. Now I know
    perfectly well that microchips are not yet so refined as to
    be injectable or permitted in vaccines but if they were I
    would be glad to keep track of these Know-Nothings. If
    they believe such stupid ideas then they will be needing
    help.

    bliss- Oh, drat these computers. They're so naughty and so complex. I
    could pinch them. --Marvin the Martian

    --
    bliss dash SF 4 ever at dslextreme dot com
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From Alfonso P Cutaway@dweed54@mouse-potato.com to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Wed Mar 31 17:09:53 2021
    From Newsgroup: alt.os.linux.ubuntu

    On Mon, 29 Mar 2021 16:53:09 -0500, DanS wrote:

    William Unruh <unruh@invalid.ca> wrote in
    news:s3qge8$kim$1@dont-email.me:

    On 2021-03-28, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 28 Mar 2021 11:50:11 -0400, William Unruh <unruh@invalid.ca>
    wrote:
    On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 07.12, Manu Raju wrote:
    <https://nakedsecurity.sophos.com/2021/03/17/serious-sec
    urity-the-linux-kernel-bugs-that-surfaced-after-15-years />
    Only serious if you use iSCSI which the majority of Linux users
    don't, sure the impact could be bad if your cloud service used iSCSI >>>>> instead of distributed storage.

    The effect of the bugs are far smaller than the ms-exchange bug
    recently found.

    From the web page:
    "The researchers were able to find software that an unprivileged
    attacker could run in order to activate the buggy driver code they’d >>>> found, and they were able to produce working exploits"

    The point is that iscsi is rarely used. It has no impact on systems
    that do not use iscsi (internet scsi). MS exchange is used on almost
    all servers using windows.

    No idea why MS exchange is coming in here

    LOL...Really?

    I see it as the same thing as Trumpers, whenever you talk about things
    he'd done that you don't like....and have verified facts and information
    to completely support your view on it, and they'll be all...

    "...bu, bu, bu, bu..what about Hillary?!?!"

    I STILL hear this, even after Biden was sworn in.

    B Biggest

    I Idiot

    D Democrats

    E Ever

    N Nominated
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From DanS@t.h.i.s.n.t.h.a.t@r.o.a.d.r.u.n.n.e.r.c.o.m to alt.os.linux,alt.os.linux.ubuntu,alt.os.linux.mint on Sat Apr 3 06:28:04 2021
    From Newsgroup: alt.os.linux.ubuntu

    Alfonso P Cutaway <dweed54@mouse-potato.com> wrote in news:s42ad1$t1b$1@dont-email.me:

    On Mon, 29 Mar 2021 16:53:09 -0500, DanS wrote:

    William Unruh <unruh@invalid.ca> wrote in
    news:s3qge8$kim$1@dont-email.me:

    On 2021-03-28, David W. Hodgins
    <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 28 Mar 2021 11:50:11 -0400, William Unruh
    <unruh@invalid.ca> wrote:
    On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 07.12, Manu Raju wrote:
    <https://nakedsecurity.sophos.com/2021/03/17/serious-s
    ec
    urity-the-linux-kernel-bugs-that-surfaced-after-15-yea
    rs />
    Only serious if you use iSCSI which the majority of
    Linux users don't, sure the impact could be bad if
    your cloud service used iSCSI instead of distributed
    storage.

    The effect of the bugs are far smaller than the
    ms-exchange bug recently found.

    From the web page:
    "The researchers were able to find software that an
    unprivileged attacker could run in order to activate
    the buggy driver code they’d found, and they were
    able to produce working exploits"

    The point is that iscsi is rarely used. It has no impact
    on systems that do not use iscsi (internet scsi). MS
    exchange is used on almost all servers using windows.

    No idea why MS exchange is coming in here

    LOL...Really?

    I see it as the same thing as Trumpers, whenever you talk
    about things he'd done that you don't like....and have
    verified facts and information to completely support your
    view on it, and they'll be all...

    "...bu, bu, bu, bu..what about Hillary?!?!"

    I STILL hear this, even after Biden was sworn in.

    B Biggest

    I Idiot

    D Democrats

    E Ever

    N Nominated

    Perhaps...only time will tell.
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From DecadentLinuxUserNumeroUno@DecadentLinuxUserNumeroUno@decadence.org to alt.os.linux.ubuntu on Sat Apr 17 12:34:15 2021
    From Newsgroup: alt.os.linux.ubuntu

    Alfonso P Cutaway <dweed54@mouse-potato.com> wrote in news:s42ad1$t1b$1@dont-email.me:

    On Mon, 29 Mar 2021 16:53:09 -0500, DanS wrote:

    William Unruh <unruh@invalid.ca> wrote in
    news:s3qge8$kim$1@dont-email.me:

    On 2021-03-28, David W. Hodgins <dwhodgins@nomail.afraid.org>
    wrote:
    On Sun, 28 Mar 2021 11:50:11 -0400, William Unruh
    <unruh@invalid.ca> wrote:
    On 2021-03-28, J.O. Aho <user@example.net> wrote:
    On 28/03/2021 07.12, Manu Raju wrote:
    <https://nakedsecurity.sophos.com/2021/03/17/serious-sec
    urity-the-linux-kernel-bugs-that-surfaced-after-15-years />
    Only serious if you use iSCSI which the majority of Linux
    users don't, sure the impact could be bad if your cloud
    service used iSCSI instead of distributed storage.

    The effect of the bugs are far smaller than the ms-exchange
    bug recently found.

    From the web page:
    "The researchers were able to find software that an
    unprivileged attacker could run in order to activate the buggy
    driver code they’d found, and they were able to produce
    working exploits"

    The point is that iscsi is rarely used. It has no impact on
    systems that do not use iscsi (internet scsi). MS exchange is
    used on almost all servers using windows.

    No idea why MS exchange is coming in here

    LOL...Really?

    I see it as the same thing as Trumpers, whenever you talk about
    things he'd done that you don't like....and have verified facts
    and information to completely support your view on it, and
    they'll be all...

    "...bu, bu, bu, bu..what about Hillary?!?!"

    I STILL hear this, even after Biden was sworn in.

    B Biggest

    I Idiot

    D Democrats

    E Ever

    N Nominated


    Whereas you are the biggest turd to have ever shoved your head a
    mile up Trump's fat skanky ass. You stink, boy.

    They should put your whore mother in prison for failing to flush
    you the moment she shat you.
    --- Synchronet 3.18a-Linux NewsLink 1.113