CISA has issued an urgent alert about a critical use-after-free vulnerability in the Linux kernel, tracked as CVE-2024-1086. This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

  • Treczoks@lemmy.worldEnglish
    201·
    1 day ago

    For exploiting a privilege escalation the attacker must be able to run their own code on your machine. If you let them do such things, you already have more than enough security problems in the first place.

    • okamiueru@lemmy.worldEnglish
      5·
      23 hours ago

      Except for supply chain attacks. You get a foot in the door, and open the rest with impunity

    • Zangoose@lemmy.worldEnglish
      6·
      1 day ago

      But then the kernel wouldn’t be free! Free as in ‘use-after-free’!

      (/s in case it wasn’t obvious)

    • ZILtoid1991@lemmy.worldEnglish
      11·
      1 day ago

      Okay, then why we need to use a language that has more in common with OCaml? What about using a better C instead?

      • dragonfly4933@lemmy.dbzer0.comEnglish
        29·
        2 days ago

        Explain how a use after free could occur in safe rust, because to my knowledge, that is exactly the kind of thing rust does protect against.

      • Zangoose@lemmy.worldEnglish
        5·
        1 day ago

        Do you know what a use-after-free bug is? Rust was literally designed to make this type of memory bug impossible.

      • Noja@sopuli.xyzEnglish
        21·
        21 hours ago

        You never say “would not of”. It’s “would not have”.

        Rust would have prevented this, because the borrow checker prevents use-after-free vulnerabilites.

    • Shanmugha@lemmy.worldEnglish
      43·
      1 day ago

      Magical pills do not exist. Better start pushing old fuckers incapable of learning out of the project (yeah, I don’t like this kind of treatment of Rust just because it is not C either)

      • Quazatron@lemmy.worldEnglish
        181·
        1 day ago

        Old fuckers exist to protect young fuckers from throwing out the baby with the bath water.

        • Quazatron@lemmy.worldEnglish
          2·
          19 hours ago

          I’m referring to the ageism implied in the statement, I don’t care about C vs Rust any more than I care about vi vs emacs or KDE vs Gnome.

          Old fuckers have experience, they have seen many next big things come and go, that’s why they seem slow to adopt new stuff. Of course this annoys new fuckers a lot, as they want to play with their new shiny toys now.

          Patience is a virtue, young grasshopper.

        • Shanmugha@lemmy.worldEnglish
          51·
          1 day ago

          Ooh, so “get out with this Rust, I ain’t gonna think about when writing my code” is protecting a baby now?

        • AMoistGrandpa@lemmy.caEnglish
          5·
          1 day ago

          Rust is a programming language which was designed to be memory safe without any of the overhead caused by traditional memory safety techniques employed by existing languages (namely, garbage collection and reference counting). It does this by shifting the memory management from happening at runtime to happening at compile time. The compiler forces the programmer to follow certain rules to ensure that their program can be proven to be free of errors such as use-after-frees and double-frees. Because of this design philosophy, Rust is a good fit as a replacement for C, because it can do everything that C can while ensuring the programmer doesn’t make any mistakes with regard to memory management.

        • henfredemars@infosec.pubEnglish
          81·
          2 days ago

          Yes, that’s right. You cannot have a UAF situation unless you’re using unsafe “escape hatch” tools.

            • henfredemars@infosec.pubEnglish
              1·
              1 day ago

              I think the idea is that it’s easier to manage your resources in C++ if you write your code using RAII. Linux is mainly C, not C++, which makes resource management a little bit more manual.

              Rust however categorically tries to stop these problems from happening in an even stronger way. You can still write bad code in any language, but it’s supposed to be a lot more difficult to get memory corruption.

            • turdas@suppo.fiEnglish
              1·
              1 day ago

              It’s not a joke. What was described above is pretty much C++'s RAII pattern, which Rust evangelists love to present as a revolutionary Rust invention. Used with smart pointers, it will help avoid use-after-frees. What it doesn’t avoid is null pointer exceptions (you can std::move a unique_ptr and still access it, it’ll just be nullptr), but those will typically “just” be a crash rather than a gaping security hole.

              That is not to say Rust doesn’t have its own innovations on top of that (notably that the compiler stringently enforces this pattern), and C++ does give you many more ways to break the rules and shoot yourself in the foot than Rust does.

              • sp3ctr4l@lemmy.dbzer0.comEnglish
                3·
                1 day ago

                Your second half there is the whole point.

                Being memory unsafe in C++ is can occur by accident.

                Being memory unsafe in Rust… essentiallly requires consistent intent.

                When coming up with guidelines for an emgineering procesd that can go catastrophically wrong… do you use a stricter ruleset, or a less strict one?

                That’s basically the safety argument.

                • turdas@suppo.fiEnglish
                  1·
                  20 hours ago

                  If you follow modern C++ best practices, memory unsafety will not happen by accident. The dodgy stuff in modern, idiomatic C++ is immediately obvious.

          • dragonfly4933@lemmy.dbzer0.comEnglish
            7·
            2 days ago

            This is correct, but not what most people think. For example, memory leaks could be considered bugs and it is easy to leak memory memory in safe rust on purpose.

            Memory leaks are usually not disastrous for security, mostly an issue for availability, sometimes.

            • Zangoose@lemmy.worldEnglish
              2·
              1 day ago

              I think a lot of the confusion comes from the ambiguity of the phrase “memory leak.” Rust is designed around preventing insecure memory access (accessing out of bounds for an array, use-after-free, etc.) and devs call that a memory leak. But another form of memory leak is just not freeing up memory when its no longer needed (e.g. continuously pushing a bunch of things to a global vector and never clearing it). That is more of a fundamental program design issue that rust can’t do anything about. (and really, neither could any turing complete language)

        • just_another_person@lemmy.worldEnglish
          38·
          2 days ago

          Improbable. Everything has bugs that surface. See my other link, or look yourself. There have been plenty of security fixes for Rust. It’s not bulletproof, just like anything else, just less likely specifically for certain memory attacks to be vectors.

          • arcterus@piefed.blahaj.zoneEnglish
            102·
            2 days ago

            Everything has bugs that surface.

            This is a worthless statement. Rust is designed to help reduce the number of bugs. No one thinks Rust will completely eliminate all bugs. Your argument about fixes in the compiler or standard library or whatever applies to C as well.

            See my other link, or look yourself.

            The link you posted says nothing about Rust software having bugs, it’s about malware written in Rust exploiting bugs in other software.

    • onlinepersona@programming.devEnglish
      244·
      2 days ago

      But… You dont understand, Rust is the devil! If Rust were made the kernel’s main language it would terrible because that would mean change 😭😭😭

    • corsicanguppy@lemmy.caEnglish
      1314·
      2 days ago

      Yay! Pick an arbitrary solution to a problem just because it’s different and shiny! The shine will fix it!

  • turdas@suppo.fiEnglish
    843·
    2 days ago

    This only affects positively ancient kernels:

    From (including) 3.15 Up to (excluding) 5.15.149 From (including) 6.1 Up to (excluding) 6.1.76 From (including) 6.2 Up to (excluding) 6.6.15 From (including) 6.7 Up to (excluding) 6.7.3

    • henfredemars@infosec.pubEnglish
      22·
      2 days ago

      You need to be able to run code on the system that has the bug. The bug is in the netfilter component, in how it’s managed on that system, not in the actual traffic flows.

      • BCsven@lemmy.caEnglish
        113·
        2 days ago

        So a non issue unless somebody has physical access to the machine?

        • henfredemars@infosec.pubEnglish
          1·
          1 day ago

          Not directly, but as other comment has mentioned, it reduces the overall security posture because it could be combined with other flaws known and unknown.

        • who@feddit.orgEnglish
          18·
          2 days ago

          Unfortunately, it’s not that simple, because attacks often involve “exploit chains”. In this case, an attacker would use a different vulnerability to gain code execution capability, and then use that capability to exploit this vulnerability.

          Update your systems, folks.