ncluding
> distros) will start recommending this milder mitigation when sufficient.
Is this still compatible with Firefox?
IMO an ideal solution would be:
1. Provide a privileged helper daemon that sets up containers based on
user requirements.
2. Port programs that use containers to use this
For containers, I'm not aware of a good solution right now.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
signature.asc
Description: PGP signature
from /.flatpak-info, instead of having the flatpak
process that spawned the container pass the info to the dbus proxy along
with the FD used to communicate with the container?
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
ot affiliated with your distro
> nor your organization, vouch for at least one of the people requesting
> membership on behalf of your distro (then that one vouched-for person will be
> able to vouch for others on your team, in case you'd like multiple people
> subscribed)
>
d have still worked, but was not actually exercising huge pages as
> |intended.)
>
> The Linux commit messages are tremendous books that often leave me
> stunned. I *never* get together such things in my own work
> process. So thanks for spending additional time reiterating
> distros@openwall on July 15, 2024.
>
> curl 8.9.0 was released on July 24 2024 around 06:00 UTC, coordinated with
> the publication of this advisory.
>
> CREDITS
> ---
>
> - Reported-by: z2_
> - Patched-by: z2_
>
> Thanks a lot!
>
> --
>
> / daniel.haxx.se
> | Commercial curl support up to 24x7 is available!
> | Private help, bug fixes, support, ports, new features
> | https://curl.se/support.html
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
ated proxy. I would also be fine with
dropping support for non-AEAD ciphers in TLS 1.2.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
there are still
> machines outside that only offer such old versions.
> Some of them can't be upgraded easily because the vendor doesn't
> provide any new versions.
Can those machines be put behind a proxy?
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
> (It's somewhat amazing how often Windows CE and Windows Mobile crop up
> every now and again).
>
> Jeff
Why does this prevent using a proxy in front of the device? I mean
something like (patched) stunnel or another generic TLS reterminating
proxy, not something specific to the device.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
ms, e.g. by a search
> engine indexer, an asset enumeration tool, a security scanner, or during
> a pentest.
>
> For both of these categories, it's desirable to have a maintained
> library that supports this wide range of protocol versions. The proxy
> solution that Demi Marie
im itself, only of the rest of the system.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
the SHA256 hash is still bad. Instead, I would use a seeded PRF
with a seed only known to the server, ensuring that the resulting value
does not leak any information about the email.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
se to
> take that route, though.
>
> Best Regards
>
> Matthias
What about opening the path one portion at a time using openat() with
O_NOFOLLOW (and, as applicable, O_DIRECTORY), ensuring that each portion
is not "." or "..", does not contain "/", and is owned by either the
target user or root? This solves all race conditions and does not
require spawning another process.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
an
> August of 2022) is just fine.
>
> Hopefully everyone here is running a kernel newer than August of 2022,
> but hey, who knows!
Is this exploitable for anything other than denial of service?
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
closing the same
file descriptor multiple times, and Rust enforces this in the type
system.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
uld load arbitrary microcode, they
could compromise SMM, SEV-SNP, and DRTM, so this is still pretty bad.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
rary is realistic, SSRF would be a change of scope (right?), and the
> worst impacts of all 3 kinds are quite possible.
If SSRF is a scope change, shouldn't that mean that RCE is also a scope
change? It's usable for SSRF after all.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
not configured in a DMARC-compatible
way. Specifically, the mailing list did not rewrite the From: header but did
modify the message body, so the DKIM signature check failed.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
On 4/24/25 7:57 PM, Solar Designer wrote:
> On Thu, Apr 24, 2025 at 07:09:44PM -0400, Demi Marie Obenour wrote:
>> On 4/24/25 3:09 AM, Albert Veli wrote:
>>> On Wed, Apr 23, 2025 at 10:51 PM Salvatore Bonaccorso
>>> wrote:
>>>> FTR, this one has assigned
6.12. Any reason this wasn’t backported to older kernel versions?
Linux kernel patch backporting is best effort, sadly.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
bility.
> >
>
> Is disabling interrupt remapping another way of mitigating this
> vulnerability (e.g iommu=no-intremap) ?
No, as this allows other attacks that allow denial of service at the
very least. See
https://lore.kernel.org/xen-devel/19915.58644.191837.671...@mariner.uk.xensource.com/.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
ng able to break
them is without question worthy of a CVE. ChromeOS Security
has confirmed that they do indeed consider "attacker corrupts
writable storage to get code execution when the machine reboots"
to be in scope for their threat model.
The only way I can think of to fix this issue
's definitely better to reconstruct the URL from scheme, authority,
path, and query before sending the request, but I am almost certain
there are servers in the wild that do not do this.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
ecurity to
become a comaintainer of the relevant kernel code. It is clear that there
are quite a few people who agree with you, but none of them are currently
upstream filesystem maintainers, and they are the ones who Greg K-H asks when
making decisions as to what is and is not a vulnerability.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
On 6/5/25 23:02, Solar Designer wrote:
> Re-added CC: Attila, Muhammed
>
> On Mon, Jun 02, 2025 at 11:38:30PM -0400, Demi Marie Obenour wrote:
>> On 6/2/25 22:59, Solar Designer wrote:
>>> The kernel security team ended up rejecting the CVE:
>>>
>>>
e
> (skipping today's disclosure or limiting it to even less info than was
> on linux-distros), as doing so didn't seem to serve a useful purpose yet
> it would keep further handling by linux-distros in limbo. Now we're
> done handling this on linux-distros, and any further developments should
> be added to this oss-security thread instead.
Are these exploitable via *classic* BPF? The reason I ask is that this
is nearly always available to unprivileged users in the form of seccomp,
and no hardening guide will recommend disabling seccomp-BPF as that is
one of the best tools userspace has to sandbox itself!
--
Sincerely,
Demi Marie Obenour (she/her/hers)