lmao
>local exploit*yawn*
>>10872229616.04 LTS chads keep winning
>>108722296https://www.securityweek.com/easily-exploitable-pack2theroot-linux-vulnerability-leads-to-root-access/>According to Deutsche Telekom’s Red Team, which discovered the vulnerability, Linux distributions confirmed as affected include Ubuntu Desktop 18.04 (EOL), 24.04.4 (LTS), 26.04 (LTS beta), Ubuntu Server 22.04 – 24.04 (LTS), Debian Desktop Trixie 13.4, RockyLinux Desktop 10.1, Fedora 43 Desktop, and Fedora 43 Server.>“It is reasonable to assume that all distributions that ship PackageKit with it enabled are vulnerable. Since PackageKit is an optional dependency of the Cockpit project, many servers with Cockpit installed might be vulnerable as well, including Red Hat Enterprise Linux (RHEL),” Deutsche Telekom notes. RedHat again, who'd have guesses
>>108722366>software has bugs >how can I turn this into a schizo moment?>IT'S RED HAT, GUYS! I TOLD YOU SO!!!!! AAAAAAAAAAARRRGH
>>108722380but it would not be first time and it is not rare
>>108722380>>software has bugs uhm yes, when it shouldn't? especially not when tens of thousands machines run it
The cope is incredible.
>>108722403>>108722406Absolute retards.
And Ladies and gentelman , thats why Docker is so great
>>108722445docker is not rootless by default, use something better like podman
This is why we need RustCue the cnile seething
>>108722296>requires a system account with exec privileges
>>108722380>systemd restarts the compromised daemonremind me again who wrote systemd?
>>108722305given that majority of the linux users nowadays download and run software straight from github or via npm install I think its safe to say that this will affect plenty of people.
>>108722472how do you use your computer without exec privileges? you literally can't do anything if you don't exec something
>>108722458rust doesn't magically fix logic errors
>>108723166It does solve memory problems though.Also in high level languages it is easier to reason about logic since relevant code isn't bogged down in low-level stuff.
>>108723327are there any OS-es written completely in rust? it can be TempleOS tier, it doesn't have to be very serious
Just rmmod the module, nobody cares
I don't have anything *kit installed because I know it's garbage.
>>108722366>Deutsche Telekom’s Red TeamISPs with their own red teams? That's pretty based desu
>>108722511it's open source, everyone can read the code and report it
>>108722418If you run random .exe, your windows will suddenly get viruses. Same thing.
>>108722517You can have system accounts without exec privileges, for mail, ftp, web hosting, etc.
>>108722517like this$ chmod 644 /path/to/binary$ /lib64/ld-linux-x86-64.so.2 /path/to/binary
$ chmod 644 /path/to/binary$ /lib64/ld-linux-x86-64.so.2 /path/to/binary
>>108723940Neither you nor anyone else have ever read the code of any of the open source software you or they use and you know it
>>108722296it's literally been fixed, but winblows niggers will spam this propagandahttps://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
>>108724127Are you serious?This vulnerability is literally open source, written in bash script.The Polkit developers will see and fix it eventually.
>>108724021what is a "system account"why do you think this exploit needs one
>>108724107>/lib64/ld-linux-x86-64.so.2isn't this an exec?
>>108722296And that's why Gentoo is based.USE="-systemd -policykit"
USE="-systemd -policykit"
>>108722511Their own zoomer fault for not getting them through the package manager
>PackageKitlol I don't run that Red Hat nonsense
>>108724199if you're in system account, this exploits can't run
>>108724237please define system accountplease explain how this exploit can't run in one
>>108722457>no compose support>recommended alternative is k8s based and requires systemdpod what?
>>108722339BASED!
>>108722366>Debian Desktop Trixie 13.4How's it that I don't have Packagekit despite being on Trixie. Oh it's not enabled by default. Stupid blog post.
>>108724179Weird how you didn't address anything I said.
>Every Linux machine since 2017.Apparently not kek
>>108724615What distro even has a PackageKit daemon running as default?It feels like all of Linux gets blamed for Fedora shitting its bed.
>>108724684I don't know why you think I would either know or care or why you think that that question is relevant to my post.
>>108724339ze pod you vill live in
>>108724690The distro you're using is obviously not Fedora which is why it won't work so how is it not relevant to your post?
>>108724615I tried it on debian and it just asked me for a password when it tried to launch su
>>108723166>replacing page cache contents leading to execution of arbitrary code in setuid marked files>not a memory errorlel.
Wonder if I can sploit my out of support BlackBerry (Key2).
>>108722458correct. anytime a new feature is added to the Linux kernel, assume it's an unexploded bomb waiting to go off in your face. same reason I disable shit like io_uring and ntsync and now this shitty AF_ALG socket type. you can't trust these retards to write safe and correct C code. hell if you watch the Kent "KWAB" Overstreet plumber's conference video about VFS, you'll wonder how many heisenvulns are lurking in that shitshow.
>>108724975Once you heard about anything public regarding NSA and Linus not letting them do what they wanted, you should have known it was over.
>>108722296don't you need root to install deb already?
>>108725006has nothing to do with the NSA schizo nigger faggot.regular shittainers, probably including (You) can't write code. Linux is too large and too retarded. unironically they should have merged the "joke" C++ conversion patch as a starting point to fixing this shitshow, but most retards, read cniles, are against functional abstractions. Note I didn't say Rust either, even though that'd be better, but not as realistic.
>>108724975it's not a kernel vulnerabilitytrue cniles run shit like slackware which is not affected at all by this exploit because it doesn't run that gnome dbus garbage
>>108725047>has nothing to do with the NSAEven discounting the high likelihood of NSA sponsored vulns in the linux kernel, do you thing the braod intellectual compromise of software development in the west isn't by design?
>>108723911One of the cooler aspects of living in a cyberpunk reality.
>>108725051AF_ALG is a socket type to talk to the kernel crypto API. has nothing to do with dbus.
>>108722511>the majority>im referring to my nonexistent friends>im schizo
>>108725074no, because it makes zero sense. any industry that puts people at risk is already held to ridiculous (and mostly non-functional) processes to ensure stupid cnile garbage doesn't blow your leg off, then you find out you have to reboot your 787 flight computer because it has a basic bitch arithmetic counter overflow. anyway, whatever. pointless wasting time talking to retarded schizos.
>>108722511
>>108725082look at the OP, dudeI'm not talking about your unrelated pet issues
>>108725096It can not blow your leg off and still provide means to exploit you.
>>108722296>PackageKit
>>108725111ok, I thought this was copy.fail again.
how do i just disable this shit, i dont want to upgrade my kernel
>>108723352there's redox, but it uses unsafe all over the place. the issue with kernel and safety is that you have an entire new class of issues related to logic, permissions, scheduling and races that you usually don't need to handle in a regular program.for instance, you have to find and mitigate all potential TOCTOU bugs. these can't be algorithmically detected, so your only option is to manually try to find them. a toctou bug may span across dozens of files, and are mostly harmless, but sometime they can give an attacker privileges.copyfail exploits a race condition (which can't be algorithmically detected in this context).through AF_ALG, a special socket type for kernel backed openssl primitives and splice to write 4 bytes into a page cached in the kernel's page cache.exploits like this have popped in the past, but copyfail lets you write into a controlled location in the page, thus allowing you to modify memory from other processes.bugs like this were bound to happen in such a huge program that is the kernel.
>>108722339based
>>108722296>be me>running devuan since it's inception>with the same configuration: apparmor plus firejail, /tmp on separate partition with noexec, nosuid and nodev, /var/tmp bound to /tmp, nothing installed out of repos>always fineIncidentally i just harden windows a bit and install stuff from winget or inside dedicated sandboxes (for warez shit), so i'm always fine even there. You literally have all the instruments at your reach to not get fucked, most of the time not installing third-part shit is more than enough, if you get your system compromised nowadays it's only because of you.
>>108722380I say this unironically
>>108722296bros??
>>108725544Don't run random py scripts from the internet?
>can't get copyfail to work on my gentoo
>>108726176even though user-space crypto API support is enabled in my kernel
Would using Linux’s version of NetBSD’s VeriExec “fix” this? Basically, NetBSD can be configured to run only cryptographically signed binaries with your cryptographic keys.
>>108724003>Linuxfags boast how virus-free their OS is compared to Microslop Jeetdows>Linuxfags get hit with an exploit that only needs running an unelevated script>Linuxfags now say that this is to be expected and it's not a big dealgeg every single time. nyet, the system is gud comrade, off to gulag with (You).
>>108726332They're not serious people.
>>108722296>local privilege excalationYeah, nothingburger.
>>108722296>Prevented by SELinuxFedora wins again
>>108726337That I know. Serious people don't treat operating systems like political parties.
>>108724159And affected kernels can block the exploit with a single terminal command.It's another nothing burger, just like the cupsd exploit from 2024.
>>108726176works on my machineget mad fagsfedora wins once again
>>108722296>been silently patched for a month>https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v7.0.3&id=a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5winfags dont get old to me they keep proving how tech illiterate they are
>>108726433Just updated packages.Sadly, no longer works. What a scam.
>>108726433Works on my university’s computers as well, get fucked microslop.
>>108722296I use cachyos and don't have packagekit installed, not my problem.
>>108722511No one does that. And second, malicious code doesn’t need sudo access. reaching the local user is more than enough. Getting there is the hard part. Once you get there, you can do a lot of things.
>>108726470lmao. this is the time anon.Make sure they can't lock you out. Make a sudo user for yourself for life.
>>108724159another easy win for us! uh... great distros.
>>108724615>curling a random web address and piping it into super usergood god almight jesus christ
>>108726498Reddit said it was safe
>>108726498it's piped into python, not subut yes
>>108722457Every container I run lets me set whatever UID and GID I want and even if they have root, they're contained - what are they going to do? None of the filesystems I mount require root access to read/write because if they did they'd be useless. And only Syncthing has access to my important files, the others only have access to pirated media.And all of them are behind WireGuard anyway.
>>108722366>PackageKitSome random shit I have never heard of can be used to get root escalation.
>>108726639>im a larper
>>108722511Just checked my system, not vulnerable. Doesn't load the affected module.Red Hat systems compile the vulnerability into the kernel you have to disable it with boot params.
>>108726651No, I am a Linux user.
>>108726498oh boy do i have some news for you about how linux is run today
>be frontend dev>inherited some prod servers from horribly broken project>one man hoster/fullstack dev shop that went bankrupt>has been riddled with RCEs for ten years(at least)>no root, documentation or backups>contract hasn't been signed yet so not my problemThanks client's new CTO for making such absurd demands to your own works that they have stalled contract negotiation for three months.
I use SELinux.Zero fucks given.
>>108722366>Pack2TheRoot was addressed in PackageKit version 1.3.5. Patches for it have also been included in recent Debian, Ubuntu, and Fedora updates. >Pack2TheRoot was addressed in PackageKit version 1.3.5. Patches for it have also been included in recent Debian, Ubuntu, and Fedora updates. >Pack2TheRoot was addressed in PackageKit version 1.3.5. Patches for it have also been included in recent Debian, Ubuntu, and Fedora updates. So its literally been fixed and the only issue would be embedded devices and LTSC that dont update often?
>>108722296FUCK DTAGI HATE DTAG
>>108726332fuck off winfag. your os is no better.
>>108722339lmao
>>108726713>and the only issue would be embedded devicesEmbedded devices wouldn't have PackageKit installed.
That's why I like void, none of that microjeet sponsored bloat. I wish it were even more bsd like
>>108726747so who is this going to effect? people who dont have updated kernels? so like mint and debian users?
>>108726752hey there leah! hows the tradition going?
>>108726783Small/Medium businesses that run on random shared debian hosting from the 2010s. There's many of those around here, including a local clinic. Granted, they've all been cracked before and never attempted to fix anything so not like anything changed.
Who the fuck still uses Packagekit in 2026? I'd be shocked if an exploit like this didn't exist.
>>108726835If you are running distros older than 2016 you probably aren't affected. Meanwhile all the current rhel versions are vulnerable.
>>108726498>Responding to obvious baitLurk more newfag
install void linux
Are we sure this is an exploit and no an intended feature?
this the shit why my work had to reboot fucking everything?
>>108722296MAC CHADS CANT STOP WINNING
>>108727449you gotta update all your memes. he's retiring.
>>108724602You're bad faith arguing, there's no point of conversing with your croaking
Package*Kit*who do they think they are NeXTstep / Apple?
>6.12.85+deb13-amd64Doesn't work on my machine lmao.
>>108725127>el bencho
>>108727991I'm not arguing at all, you're just inherently combative and have no substantive disagreement with my statement so you just post nonsense because you feel like you have to reply
>>108726835If you're not doing any patch management or hardening for "legacy" systems like that, you DESERVE to be pwned.Caveat emptor. Not the "exploits" fault you're too lazy to test for said exploit.
>>108725644Less than 5% of Redox is unsafe.
>>108722511My system doesn't use the affected module, and I've blocked it from running as a preventative measure.I'll unblock it once a kernel update addresses the vulnerability.This vulnerability is about as serious as the CUPS nothingburger from 2024.
>majority of the thread and news about this is already obsolete because of patches, even on Debian stable, just like the copy fail threadNothing ever happens
>>108726626containers aren't safe from escaping to the host, there's been plenty of exploits
>>108722511Root access is the least of your worries if you're running arbitrary unvetted code on your system.
>>108729191This is why we have 2fa.
>>108728333>pessi cuckittini
>>108722296WSL status?
I wanna try it at work.Maybe in one of our labs.
>>108724684Fedora is ok, the problem is Redhat
>>108724615>>108726498Kek
>>108729256anon...
>>108724179>>This vulnerability is literally open source,>We have developed a working proof-of-concept that reliably exploits this vulnerability to achieve root code execution from an unprivileged local user on default installations of various distributions. However, the PoC code is not being shared publicly at this time for obvious reasons.https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
>>108729392Yes?
>>108729408>the PoC code is not being shared publicly at this timearen't they distributing the python script? what?
>tinkertranny with AI >constant stream of updates for programs and packages and modules nobody actually checks>comfyUI custom nodes have already been used as an attack vector>install every missing package in every random workflow I come across anywayit's only a matter of time desu
>>108722511I have nothing of value and my shit is backed up
>>108722380It's literally Red Hat
>>108729610comfyui is such a pile of shit. the package management is awful and everything is constantly broken in some way.
