RSS 생중계
OpenAI Launches a Keypad for AI Agents
Read more of this story at Slashdot.
[$] Topics in filesystem testing
Stripe, Advent Offer to Buy PayPal For More Than $53 Billion
Read more of this story at Slashdot.
Local DoS attack vectors in seunshare 3.10 (SUSE Security Team Blog)
The SUSE Security Team Blog has a post with an analysis of seunshare, which is used by SELinux to confine untrusted programs. During a review of version 3.10 of the program, the team identified two local Denial-of-Service (DoS) vectors.
Since seunshare is supposed to run on SELinux-enabled systems, it is important to understand what kind of privilege escalation can be achieved when vulnerabilities are exploited in a setuid-root binary like this. Many SELinux-enabled systems, such as Fedora and openSUSE, ship with the "targeted" SELinux policy by default. This policy is focused on confining well-known system services, but assigns an unconfined SELinux context to interactive users by default to achieve a balance between security and usability.
There is currently no domain transition from the unconfined domain to the more restricted seunshare_t defined in the SELinux policy for seunshare. This means the execution of seunshare continues in the unconfined domain. Thus in the context of attacks carried out by interactive users, the impact of the vulnerabilities below will be a root-like privilege escalation despite the system running in SELinux enforced mode.
See the post for the full write-up of the team's discoveries and timeline. The vulnerabilities have been fixed in version 3.11.
Microsoft Patches a Record 570 Security Flaws
Read more of this story at Slashdot.
[$] Lockless MPSC FIFO queues for io_uring
Security updates for Wednesday
Many old shim versions are still accepted by secure boot
An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Code executed during this early boot phase may achieve persistent compromise of the platform, including the ability to load unsigned or malicious kernel components that can survive system reboots and, in some cases, operating system reinstallation.
The advisory contains a list of vulnerable shims.
Astronauts Take First X-Rays In Space
Read more of this story at Slashdot.
House Votes For Permanent Daylight Saving Time
Read more of this story at Slashdot.
Iran Abused Mobile Networks' Vulnerabilities To Locate US Military In Middle East
Read more of this story at Slashdot.
OpenAI's First Device Will Be Moveable, Screenless Speaker Built as AI Companion
Read more of this story at Slashdot.
Google Images Gets a Pinterest-Like Redesign Focused On Discovery
Read more of this story at Slashdot.
Lawsuit Claims Meta's Layoff Decisions Were Made By AI, Not Humans
Read more of this story at Slashdot.
Google DeepMind Calls For US To Spearhead AI Standards Body
Read more of this story at Slashdot.
Linux Foundation's Latest Foray Is To Standardize Internet-Native Payments For AI Agents
Read more of this story at Slashdot.
OnePlus Is Reportedly Shutting Down In the US, Europe
Read more of this story at Slashdot.
IBM Stock Collapses After a Grave Warning About AI
Read more of this story at Slashdot.
The Linux.org story
The site was founded in May 1994 by Michael McLagan, at a time when Linux itself was barely three years old. Linus Torvalds had only just released it to the world, there was no real way for a newcomer to find their footing, no search engines, no Wikipedia, none of the infrastructure people take for granted now for figuring out a new piece of technology. Michael built linux.org to fill that gap, a place for people to learn about Linux and follow the movement as it grew.
New York Becomes First State To Impose Data Center Moratorium
Read more of this story at Slashdot.
