Harald Eilertsen

Harald Eilertsen

harald@hub.volse.no

Volse Hub admin

Homepage:: https://volse.net/~haraldei

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo

Harald Eilertsen

Wed, 27 Jan 2021 23:06:50 +0100

This one's a bit nasty.

Any unprivileged user can gain root privileges on a vulnerable host using a default sudo configuration by exploiting this vulnerability.

More on the Qualys Security Blog.

#infosec #overflow #sudo #PrivilegeEscalation

infosec

show all 4 Comments

Tanja

Thu, 28 Jan 2021 04:53:03 +0100

@Beni Grind Debian Buster and Manjaro both had updates yesterday

Beni Grind ~HB9HNT

Thu, 28 Jan 2021 05:39:06 +0100

@Tanja I know, we joke about switching to Debian about once a day. TBH, I wouldn't want to use Manjaro in any a enterprise setup with hundreds of VMs, though. Too much of a moving target.

Tanja

Thu, 28 Jan 2021 06:11:58 +0100

@Beni Grind Yeah, I can see how a rolling release would be more trouble than it's worth in this use case. As matter of fact, I can see that making any switch at all would probably mean more trouble than it's worth.

What is the Random Oracle Model and why should you care?

Harald Eilertsen

Wed, 12 Aug 2020 13:52:52 +0200

This series is a good introduction (at least as far as I can judge) to the good, the bad and the ugly of the Random Oracle Model for evaluating cryptographic systems. Be sure to read the entire series:

What is the Random Oracle Model and why should you care? (Part 1)
by Matthew Green on A Few Thoughts on Cryptographic Engineering

#cryptography #infosec

Cryptography infosec

Unpatched Strandhogg Android Vulnerability Actively Exploited in the Wild

Harald Eilertsen

Tue, 03 Dec 2019 10:24:19 +0100 last edited: Wed, 12 Aug 2020 13:55:07 +0200

Dubbed Strandhogg, the vulnerability resides in the multitasking feature of Android that can be exploited by a malicious app installed on a device to masquerade as any other app on it, including any privileged system app.

In other words, when a user taps the icon of a legitimate app, the malware exploiting the Strandhogg vulnerability can intercept and hijack this task to display a fake interface to the user instead of launching the legitimate application.