Another Linux vulnerability

Comments

• Neoon Community Contributor, Veteran

  May 15

  How about, everyone gets their own dedi.
• CloudHopper Member

  May 15

  @deafcon said:

  @Neoon said:

  @deafcon said:
  https://x.com/v12sec/status/2055282721212252178?s=20

  blyat

  No details, but that one sounds real bad for everyone.

  Oh there is details, and also a PoC on Github...
  https://github.com/v12-security/pocs/tree/main/qemu

  Thanked by 1deafcon
• Neoon Community Contributor, Veteran

  May 15

  @CloudHopper said:

  @deafcon said:

  @Neoon said:

  @deafcon said:
  https://x.com/v12sec/status/2055282721212252178?s=20

  blyat

  No details, but that one sounds real bad for everyone.

  Oh there is details, and also a PoC on Github...
  https://github.com/v12-security/pocs/tree/main/qemu

  "exploit doesn´t work with ipv6.disable=1"

  Fuck IPv6, I knew it.

  Thanked by 3jsg marcopolio emgh
• rdes Member

  May 15

  From what I understand, active cxl is required in qemu for this to work. I don't know if anyone uses it in production?

  Thanked by 4MikeA tentor oloke Peppery9
• glueckself Member

  May 15

  @rdes said:
  From what I understand, active cxl is required in qemu for this to work. I don't know if anyone uses it in production?

  Proxmox doesn't seem to:

  # ps -Af | grep cxl
  root      207744  204863  0 17:12 pts/2    00:00:00 grep cxl
  
• PuDLeZ Member

  May 15

  @Protocol903 said:

  @Tony40 said: Linux is becoming the new Windows OS... As it get more popular and a largest users based the attacks, malwares, virus, hacks will grow!

  are you saying that you'd rather be oblivious of vulnerabilities and consider it not existing? Or would you rather be Microsoft, closed source, no way to audit code, no way to know any vulnerability until it has been abused in the wild a thousand times?

  Vulnerabilities being found are good thing. It means that despite being open source, more and more complex vulnerabilities are being patched.

  The second biggest reason(or even biggest for some) for not open sourcing a software is to hide code from malicious actors/security researchers thus making it hard to exploit their system.
  I don't think this is a good way to deal with vulnerabilities. The more openly audited something is, the better, secure and reliable it will be on the long run.

  @Tony40 yeah, vulns/exploits will continue to grow but they're also easier to find since the source is available and a lot of people have been running AI on it to find them...

  Though, can you do me a favor? Please look into how many vulns/exploits (LPEs like this, even RCEs) have been found in the previous years? The numbers might shock you if you base your assumptions off the press/attention they've been getting lately...
• jsg Member, Resident Benchmarker

  May 15 edited May 15

  @raindog308 said:

  @concept said: @raindog308 https://lowendbox.com/blog/lets-try-bsd-part-1-of-7-introduction-freebsd-openbsd-netbsd-dragonflybsd/

  Actually, I'm not a huge FreeBSD guy. Respect it and enjoy it, but life is short and I can't fall in love with every OS.

  I do love OpenBSD, though, niche as it is.

  @jsg is more of a FreeBSD guy.

  Thanks - and vice versa (love & respect) wrt OpenBSD.

  @NickA said:

  @MikeA said:
  Who's the guy that loves freebsd? we need him to post here yet again.

  I'll fill in for now cos I love it. What we need is panel support for freebsd again, cpanel and DA both ditched it. Who's laughing now? Not us on linux and cPanel this past couple of weeks that's for sure

  Not so sure about that because most templated FreeBSD installs I've seen are, uhm, how to put it, "not optimal", really totally not.

  But yes, I do consider the BSDs more secure than linux, mainly for the "cathedral vs bazar" approach and quite few "funny experiments" (and if they occasionally do one it's very experienced adults and they take their time to double and triple check).
• OhJohn Member

  May 15

  @Neoon said: "exploit doesn´t work with ipv6.disable=1"

  Sanity spotted
• raindog308 Administrator, Veteran

  May 15

  @jsg said: But yes, I do consider the BSDs more secure than linux,

  I think the unified kernel/userland has a lot to do with it. It's one source tree, as opposed to a hundred different trees trying to cooperate.
• rpqu Member

  May 15

  fuck
• jonathanspw Member, Host Rep

  May 15

  https://almalinux.org/blog/2026-05-15-ssh-keysign-pwn-cve-2026-46333/

  Thanked by 3Zhenmue VirtFusion eva2000
• jsg Member, Resident Benchmarker

  May 15

  @raindog308 said:

  @jsg said: But yes, I do consider the BSDs more secure than linux,

  I think the unified kernel/userland has a lot to do with it. It's one source tree, as opposed to a hundred different trees trying to cooperate.

  That's an important factor as well but IMO the main reason is the "cathedral" structure and experienced adults responsible (as opposed to e.g. GKH).
• OhJohn Member

  May 15

  @jonathanspw said: https://almalinux.org/blog/2026-05-15-ssh-keysign-pwn-cve-2026-46333/

  Welcome to 404 land again, Ubuntu: https://ubuntu.com/security/CVE-2026-46333 (Friday, 1745 UTC)

  Thanked by 1oloke
• Kevinf100 Member

  May 16

  @Neoon said:

  @CloudHopper said:

  @deafcon said:

  @Neoon said:

  @deafcon said:
  https://x.com/v12sec/status/2055282721212252178?s=20

  blyat

  No details, but that one sounds real bad for everyone.

  Oh there is details, and also a PoC on Github...
  https://github.com/v12-security/pocs/tree/main/qemu

  "exploit doesn´t work with ipv6.disable=1"

  Fuck IPv6, I knew it.

  @yoursunny does this count for IPv6 hall of shame? /s