f



Systemd vulnerability crashes Linux systems

From Newsgroup: feed.comp.blog.betanews

A new vulnerability has been discovered that could shut down most Linux 
systems using a command short enough to fit in a tweet. Linux 
administrator and founder of the security certificate company SSLMate 
Andrew Ayer discovered the bug, which has the potential to kill a 
number of critical commands while making others unstable just by 
entering the short command: NOTIFY_SOCKET=/run/systemd/notify 
systemd-notify "". Ayer described the severity of the bug in an 
advisory, saying: "All of this can be caused by a command that's short 
enough to fit in a Tweet. The bug is serious, as it allows any local 
user... [Continue Reading]

http://feeds.betanews.com/~r/bn/~3/ymROC05rukE/

-- 
Eduardo
Sorocaba SP Brasil
www.alt119.net

“Acreditamos no sonho e construímos a realidade”
   - Roberto Marinho
0
JEMM
10/7/2016 10:35:25 PM
comp.os.linux.misc 33599 articles. 1 followers. amosa69 (78) is leader. Post Follow

13 Replies
562 Views

Similar Articles

[PageSpeed] 59

On 2016-10-08 00:35, JEMM wrote:
> From Newsgroup: feed.comp.blog.betanews
> 
> A new vulnerability has been discovered that could shut down most Linux
> systems using a command short enough to fit in a tweet.

Old news, and patched on most distributions.

-- 
Cheers, Carlos.
0
Carlos
10/8/2016 1:23:02 PM
"Carlos E.R." <robin_listas@invalid.es>:

> > A new vulnerability has been discovered that could shut down most Linux
> > systems using a command short enough to fit in a tweet.
 
> Old news, and patched on most distributions.

Yep.
"Most distributions running systemd have published patches and the
issue has been fixed in the upstream systemd code. While the bug was
quickly fixed, its existence fuelled the fires of the systemd
controversy on many message boards and raised concerns about systemd's
complexity."
https://distrowatch.com/weekly.php?issue=20161003#news

The OP is probably a wintroll.

Yrrah
0
Yrrah
10/8/2016 4:19:06 PM
On 2016-10-08, Yrrah <Yrrah-aolu@aolu.invalid> wrote:
> "Carlos E.R." <robin_listas@invalid.es>:
>
>> > A new vulnerability has been discovered that could shut down most Linux
>> > systems using a command short enough to fit in a tweet.
>  
>> Old news, and patched on most distributions.
>
> Yep.
> "Most distributions running systemd have published patches and the
> issue has been fixed in the upstream systemd code. While the bug was
> quickly fixed, its existence fuelled the fires of the systemd
> controversy on many message boards and raised concerns about systemd's
> complexity."
> https://distrowatch.com/weekly.php?issue=20161003#news

How is 10 days ago "old news" and who would have updated their systemd in
that time? Certainly Mageia has not updated their system. Which have?

>
> The OP is probably a wintroll.
>
> Yrrah
0
William
10/8/2016 7:13:26 PM
On 2016-10-08 21:13, William Unruh wrote:
> On 2016-10-08, Yrrah <Yrrah-aolu@aolu.invalid> wrote:
>> "Carlos E.R." <robin_listas@invalid.es>:
>>
>>>> A new vulnerability has been discovered that could shut down most Linux
>>>> systems using a command short enough to fit in a tweet.
>>  
>>> Old news, and patched on most distributions.
>>
>> Yep.
>> "Most distributions running systemd have published patches and the
>> issue has been fixed in the upstream systemd code. While the bug was
>> quickly fixed, its existence fuelled the fires of the systemd
>> controversy on many message boards and raised concerns about systemd's
>> complexity."
>> https://distrowatch.com/weekly.php?issue=20161003#news
> 
> How is 10 days ago "old news" and who would have updated their systemd in
> that time? Certainly Mageia has not updated their system. Which have?

I have seen at least another thread about that issue start and end, and in one or two mail lists. That's old news to me.

The patches have been published, I understand, before the public knew about the issue.

On Leap 42.1 the issue does not happen.

mathias@kirika:~> NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
Failed to notify init system: No such file or directory

On a Beta 42.2, as root I see different error:

Eleanor4-up:~ # NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
Eleanor4-up:~ # 
Message from syslogd@Eleanor4-up at Oct  8 22:01:03 ...
 systemd[1]: Caught <ABRT>, dumped core as pid 24446.

Broadcast message from systemd-journald@Eleanor4-up (Sat 2016-10-08 22:01:04 CEST):

systemd[1]: Caught <ABRT>, dumped core as pid 24446.


Message from syslogd@Eleanor4-up at Oct  8 22:01:04 ...
 systemd[1]: Freezing execution.

Broadcast message from systemd-journald@Eleanor4-up (Sat 2016-10-08 22:01:04 CEST):

systemd[1]: Freezing execution.


Eleanor4-up:~ # 


On another 42.2 machine, running the command as user, I see in the log:

Oct  8 22:05:40 linux-qyxj systemd[1]: Assertion 'n > 0' failed at src/core/manager.c:1510, function manager_invoke_notify_message(). Aborting.
Oct  8 22:05:40 linux-qyxj systemd[1]: Caught <ABRT>, dumped core as pid 4130.
Oct  8 22:05:40 linux-qyxj systemd[1]: Freezing execution.
Oct  8 22:05:42 linux-qyxj systemd-coredump[4131]: Process 4130 (systemd) of user 0 dumped core.

As root I get:

linux-qyxj:~ # NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
Failed to notify init system: Connection refused
linux-qyxj:~ # 


So yes, there is a patch in place.



-- 
Cheers, Carlos.
0
Carlos
10/8/2016 8:09:27 PM
On Sat, 08 Oct 2016 18:19:06 +0200, Yrrah wrote:

> The OP is probably a wintroll.

	Not necessarily. Many in the Linux community loath systemd and 
are no doubt enjoying this fracas. 
0
Jens
10/8/2016 8:49:22 PM
On 10/08/2016 01:49 PM, Jens Stuckelberger wrote:
> On Sat, 08 Oct 2016 18:19:06 +0200, Yrrah wrote:
>
>> The OP is probably a wintroll.
>
> 	Not necessarily. Many in the Linux community loath systemd and
> are no doubt enjoying this fracas.
>

	Yes!  Which is likely the reason the OP made his post.
I ran systemd for a year or so under Mageia 4.1 & 5 and I switched
to PCLinuxOS 2016.03 and started as soon as I learned it could
take UEFI into consideration.  Please note that PCLOS has not
shifted to systemd.  That was not a consideration on my part.

	bliss

-- 
bliss dash SF 4 ever at dslextreme dot com
0
Bobbie
10/8/2016 9:56:18 PM
On 2016-10-08, Carlos E.R. <robin_listas@invalid.es> wrote:
> On 2016-10-08 21:13, William Unruh wrote:
>> On 2016-10-08, Yrrah <Yrrah-aolu@aolu.invalid> wrote:
>>> "Carlos E.R." <robin_listas@invalid.es>:
>>>
>>>>> A new vulnerability has been discovered that could shut down most Linux
>>>>> systems using a command short enough to fit in a tweet.
>>>  
>>>> Old news, and patched on most distributions.
>>>
>>> Yep.
>>> "Most distributions running systemd have published patches and the
>>> issue has been fixed in the upstream systemd code. While the bug was
>>> quickly fixed, its existence fuelled the fires of the systemd
>>> controversy on many message boards and raised concerns about systemd's
>>> complexity."
>>> https://distrowatch.com/weekly.php?issue=20161003#news
>> 
>> How is 10 days ago "old news" and who would have updated their systemd in
>> that time? Certainly Mageia has not updated their system. Which have?
>
> I have seen at least another thread about that issue start and end, and in one or two mail lists. That's old news to me.

In the past 5 days or so? I am sure that the reporters who discovered
the problem also knew about it before this thread. But that does not
make it "old news".

>
> The patches have been published, I understand, before the public knew about the issue.

No, the patches as I understood it, went into git, but not into a final
patch push. That is vastly different. 

>
> On Leap 42.1 the issue does not happen.
>
> mathias@kirika:~> NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
> Failed to notify init system: No such file or directory

Does that not strike you as a bit strange that you are getting a "No
such file or directory" error? That would suggest to me that it puts the
stuff into a different place in filesystem, not that the problem is not
there.
Or are you intimating that Suse knew about this problem months ago, and
never bothered to notify anyone else about such a security patch? That
would make them pretty irresponsible citizens and would sure make me run
as fast as I could away from them.
>
> On a Beta 42.2, as root I see different error:
>
> Eleanor4-up:~ # NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
> Eleanor4-up:~ # 
> Message from syslogd@Eleanor4-up at Oct  8 22:01:03 ...
>  systemd[1]: Caught <ABRT>, dumped core as pid 24446.


And an ABRT and a  core dump does not worry you?



> Broadcast message from systemd-journald@Eleanor4-up (Sat 2016-10-08 22:01:04 CEST):
>
> systemd[1]: Caught <ABRT>, dumped core as pid 24446.
>
>
> Message from syslogd@Eleanor4-up at Oct  8 22:01:04 ...
>  systemd[1]: Freezing execution.

And systemd dying does not worry you?
>
> Broadcast message from systemd-journald@Eleanor4-up (Sat 2016-10-08 22:01:04 CEST):
>
> systemd[1]: Freezing execution.
>
>
> Eleanor4-up:~ # 
>
>
> On another 42.2 machine, running the command as user, I see in the log:
>
> Oct  8 22:05:40 linux-qyxj systemd[1]: Assertion 'n > 0' failed at src/core/manager.c:1510, function manager_invoke_notify_message(). Aborting.
> Oct  8 22:05:40 linux-qyxj systemd[1]: Caught <ABRT>, dumped core as pid 4130.
> Oct  8 22:05:40 linux-qyxj systemd[1]: Freezing execution.
> Oct  8 22:05:42 linux-qyxj systemd-coredump[4131]: Process 4130 (systemd) of user 0 dumped core.
>
> As root I get:
>
> linux-qyxj:~ # NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
> Failed to notify init system: Connection refused
> linux-qyxj:~ # 
>
>
> So yes, there is a patch in place.


Oh come on. You do not even understand the bug. Those ABRT and systemd
dying are the bug. 



>
>
>
0
William
10/9/2016 7:14:48 AM
On 2016-10-09 09:14, William Unruh wrote:
> On 2016-10-08, Carlos E.R. <robin_listas@invalid.es> wrote:


> In the past 5 days or so?

I heard of it two weeks ago.


>> The patches have been published, I understand, before the public knew about the issue.
> 
> No, the patches as I understood it, went into git, but not into a final
> patch push. That is vastly different. 
> 
>>
>> On Leap 42.1 the issue does not happen.
>>
>> mathias@kirika:~> NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
>> Failed to notify init system: No such file or directory
> 
> Does that not strike you as a bit strange that you are getting a "No
> such file or directory" error? That would suggest to me that it puts the
> stuff into a different place in filesystem, not that the problem is not
> there.

I misinterpreted the results. SUSE is not patched. I had been told
otherwise, but the virtual machine where I tried crashed badly later.

-- 
Cheers, Carlos.
0
Carlos
10/9/2016 1:15:29 PM
Yrrah <Yrrah-aolu@aolu.invalid> wrote:
>"Carlos E.R." <robin_listas@invalid.es>:
>
>> > A new vulnerability has been discovered that could shut down most Linux
>> > systems using a command short enough to fit in a tweet.
> 
>> Old news, and patched on most distributions.
>
>Yep.
>"Most distributions running systemd have published patches and the
>issue has been fixed in the upstream systemd code. While the bug was
>quickly fixed, its existence fuelled the fires of the systemd
>controversy on many message boards and raised concerns about systemd's
>complexity."
>https://distrowatch.com/weekly.php?issue=20161003#news
>
>The OP is probably a wintroll.

I am not a troll, but particularly disturbed about the way a member of
the systemd core team attacked the finder of the vulnerability.

I tend to judge software authory by the way they handle their
mistakes, not by that they make mistakes. The latter is unavoidable,
the former shows the author's level of professionalism. The systemd
community has certainly not made any points with me regarding
professionalism.

Greetings
Marc
-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
0
Marc
10/9/2016 1:35:26 PM
On 2016-10-09, Marc Haber <mh+usenetspam1118@zugschl.us> wrote:
> I tend to judge software authory by the way they handle their
> mistakes, not by that they make mistakes. The latter is unavoidable,
> the former shows the author's level of professionalism. The systemd
> community has certainly not made any points with me regarding
> professionalism.

Watch out, Lennart will accuse you of a personal attack.
-- 
                                 Chick Tower

For e-mail:  colm DOT sent DOT towerboy AT xoxy DOT net
0
Chick
10/10/2016 6:49:10 PM
Chick Tower <c.tower@deadspam.com> wrote:
>On 2016-10-09, Marc Haber <mh+usenetspam1118@zugschl.us> wrote:
>> I tend to judge software authory by the way they handle their
>> mistakes, not by that they make mistakes. The latter is unavoidable,
>> the former shows the author's level of professionalism. The systemd
>> community has certainly not made any points with me regarding
>> professionalism.
>
>Watch out, Lennart will accuse you of a personal attack.

I could not care less.

I can live with the systemd community seeing me as violent opposition
while at the same time the opposition seems as a fanboi (just because
I decided to use systemd despite its blatant shortcomings). It just
reminds me of the silliness of the entire systemd war.

Greetings
Marc
-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
0
Marc
10/10/2016 7:19:54 PM
On 10/08/2016 05:56 PM, Bobbie Sellers wrote:
> On 10/08/2016 01:49 PM, Jens Stuckelberger wrote:
>> On Sat, 08 Oct 2016 18:19:06 +0200, Yrrah wrote:
>>
>>> The OP is probably a wintroll.
>>
>>     Not necessarily. Many in the Linux community loath systemd and
>> are no doubt enjoying this fracas.
>>
> 
>     Yes!  Which is likely the reason the OP made his post.
> I ran systemd for a year or so under Mageia 4.1 & 5 and I switched
> to PCLinuxOS 2016.03 and started as soon as I learned it could
> take UEFI into consideration.  Please note that PCLOS has not
> shifted to systemd.  That was not a consideration on my part.
> 
>     bliss
> 

manjaro with openrc is available works well

0
ruben
10/13/2016 1:44:52 AM
On 10/12/2016 06:44 PM, ruben safir wrote:
> On 10/08/2016 05:56 PM, Bobbie Sellers wrote:
>> On 10/08/2016 01:49 PM, Jens Stuckelberger wrote:
>>> On Sat, 08 Oct 2016 18:19:06 +0200, Yrrah wrote:
>>>
>>>> The OP is probably a wintroll.
>>>
>>>     Not necessarily. Many in the Linux community loath systemd and
>>> are no doubt enjoying this fracas.
>>>
>>
>>     Yes!  Which is likely the reason the OP made his post.
>> I ran systemd for a year or so under Mageia 4.1 & 5 and I switched
>> to PCLinuxOS 2016.03 and started as soon as I learned it could
>> take UEFI into consideration.  Please note that PCLOS has not
>> shifted to systemd.  That was not a consideration on my part.
>>
>>     bliss
>>
>
> manjaro with openrc is available works well
>

	It may very well work but it ain't a Mandriva fork.
	
	bliss

-- 
bliss dash SF 4 ever at dslextreme dot com
0
Bobbie
10/13/2016 1:55:57 AM
Reply: