Himbo Techbro
Public

TL;DR: Alleged unauthenticated RCE on "all GNU/Linux systems (plus others)"

Now would be a great time to:

- Get all your systems on orchestration
- Shut down all non-critical endpoints
- Prepare yourself to speedrun patches, potentially requiring a reboot, across your entire infrastructure
- Stock up on popcorn

x.com/evilsocket/status/183816

Himbo Techbro

This may or may not be a fix for these vulnerabilities, but if you look closely, one of the systems affected is the IPv4 stack.

If you recall, Windows had a vulnerability in the IPv6 stack and everyone's kneejerk reaction was to disable IPv6 forever and ever.

I wonder how many people will have the same reaction to a bug in the IPv4 stack...

ubuntu.com/security/notices/US

USN-7028-1: Linux kernel vulnerabilities | Ubuntu security notices
翠星石
Public
@r000t Time to disable IPv4 huh?

I'm going to gamble and say that systemd-free systems are not vulnerable.
𝔭𝔶𝔯𝔞𝔱𝔢
Public
@Suiseiseki @r000t

This will need to be confirmed before I can support that. None of my services are running on systemd.
Fedi's favorite twink
Public
@pyrate @Suiseiseki @r000t I don't use systemd on my workstation but it's kinda almost always used for servers 😩
𝔭𝔶𝔯𝔞𝔱𝔢
Public
@teratology @Suiseiseki @r000t oh I also took it off my workstation.

Any Debian box I had running is on OpenRC; this has been the case since June.

Anything else is Alpine Linux.

The only thing that I can not change to systems atm is fucking proxmox.

Still, I will need to sit with all of this when I get back from the gym. Run updates and check things.
Fedi's favorite twink
Public
@pyrate @Suiseiseki @r000t I haven't used Alpine for servers but I've heard nothing but praise, what are you using if not systemd?

asking for science ofc

𝔭𝔶𝔯𝔞𝔱𝔢
Public
@teratology @Suiseiseki @r000t

OpenRC or sysvinit on Arch adjacent stuff.

I only have experimental things running on a homelab using an ancient dell server. A hidden image board and i2p IRC instance - back channel for frens who want it.

I took Nextcloud offline for the time being and just use that node for over the network rsync backups.

It ain't much, but it serves me better than any trannyslop cloud based alternative.
opal
Quiet public
@teratology @Suiseiseki @r000t @pyrate alpine's great but i can't wait for it to switch to s6
Milo
Public
Still running Ubuntu Server 2016 in 2024 🥴
That Would Be Telling
Public
@r000t So after all this Sturm und Drang it turns out to be a CUPS vulnerability.

Which is not a small thing, per the Xweeter 300K sites on the public IPv4 net, but not a 9.9, which Heartbleed didn't reach.

(Not that your advice is bad, unless one doesn't like popcorn (and who doesn't??).)

https://news.ycombinator.com/item?id=41662596

Attacking UNIX Systems via CUPS | Hacker News
That Would Be Telling
Public
@r000t That's good and useful, and I'll note current Debian stable Bookworm hasn't had an update to CUPS since a late August point release which updated a lot of things.

That Would Be Telling
Public
@r000t Update: Debian stable bookworm updated CUPS sometime in the last 25 hours.