Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet - eviltoast
  • nyan@sh.itjust.works
    link
    fedilink
    arrow-up
    11
    ·
    1 month ago

    I can’t think of anything except the kernel that is genuinely obligatory on all Linux systems, including embedded. Not glibc (musl). Not udev (mdev). Not systemd (OpenRC/runit/etc). My guess is that this is another exploit of something the reporter hasn’t realized isn’t mandatory because they’re not familiar with non-mainstream distros. I suppose it could be a kernel issue that Android has specifically patched, but if that’s it it’ll be fixed in short order.

    In other words, not exactly holding my breath.

    • corsicanguppy@lemmy.ca
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 month ago

      If it’s only GNU Linux - and not regular Linux - then we know it’s not the Linux where the issue occurs. ;-)

      (Just analyzing what’s said. It’s probably all linuxes if it’s not a glibc issue)

    • MigratingtoLemmy@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 month ago

      10/10 that poor bloke from Intel who copy-pasted code without understanding it (and got an earful for it) had buffer overflow bugs in his bit of plagiarized oeuvre

    • communism@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      1 month ago

      It says GNU/Linux but also says “and others” which could mean anything. eg doesnt specify if something like Alpine would be affected—is that “and others”?

      In any case, I’ll wait 2 weeks and find out.