> I concur with spender's remark, the vulnerabilities could have been selected to underline a real problem with security and not just metrics with a DoS nobody will ever trigger (the ext4 one is a joke).
"could have been"? What about the HFS+ exploit?
As joey remarked above, it is a real issue.
By focusing on the ext4 DoS, you "forget" the other issue.
Posted Feb 20, 2013 13:52 UTC (Wed) by Trou.fr (subscriber, #26289)
Well, it's a "real" issue, but it's nothing compared to others that have a wide security impact, as in every script kiddie can pwn a webserver:
1) outdated CMS with remote code execution (mostly PHP)
2) easy execution of any executable
3) ready-to-use exploit that works reliably as an unprivileged user
The HFS+ vuln is not exploitable in that case. While it can be used for "physical" attacks like the USB key, it is not usable remotely.
_Thousands_ of servers have been compromised with that scenario:
1) vulnerable webapp
2) escalation to root using kernel vulnerability (or poor sysadmin)
3) ssh backdoor to collect passwords
4) compromise other hosts, goto 3
5) use compromised servers as DDoS platforms, proxy, whatever...
A story of three kernel vulnerabilities
Posted Feb 20, 2013 16:24 UTC (Wed) by bfields (subscriber, #19510)
In the late eighties/early nineties I seem to recall infected floppy disks were the main (or at least a very common) vector for virus transmission.
If people don't exchange data on USB keys as much as they used to on floppies, perhaps that wouldn't be as effective these days.
Posted Feb 20, 2013 23:59 UTC (Wed) by andrel (subscriber, #5166)
Supposedly Stuxnet was transmitted using a USB key.
Posted Feb 21, 2013 11:55 UTC (Thu) by Trou.fr (subscriber, #26289)
Stuxnet used a vulnerability in the Windows shell (the so-called LNK vulnerability), not in the filesystem code.
As for floppies, viruses spread mostly by running infected executables, not using vulns.