MESSAGE
DATE | 2018-03-04
FROM | valdis.kletnieks@vt.edu
SUBJECT | Re: [Hangout - NYLXS] Year 2038 time set problem
On Sun, 04 Mar 2018 06:59:46 +0000, tali.perry-at-nuvoton.com said:
> It is not secure because it is not fixed for these issues:
> https://meltdownattack.com/
Note that saying "The CPU isn't vulnerable to Meltdown/Spectre, therefore the 4.1 kernel is OK" is *incredibly* wrong.
For the record, since 4.1 came out, there's been at *least* a dozen security issues in the Linux kernel that have been a *lot* scarier for security professionals than the Meltdown/Spectre issue. That only got any news coverage because it was an actual hardware design flaw that was believed to be difficult to easily fix with software changes...
For example, here's a partial list of known security issues fixed in *just* 4.14.8:
(You want the full list, it's here: https://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/cvssscoremin-7/cvssscoremax-7.99/Linux-Linux-Kernel.html
Looks like there were some 298 CVE numbers assigned to the Linux kernel after the 4.1 release date. Note that this does *NOT* include fixed bugs that had security implications but were not assigned a CVE number)
CVE-2017-17857 The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.
CVE-2017-17856 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.
CVE-2017-17855 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.
CVE-2017-17854 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.
CVE-2017-17853 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.
CVE-2017-17852 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.
CVE-2017-17806 The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.
CVE-2017-17805 The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.
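A triage sketch for the CVE entries quoted in the message above, added here as an example and not part of the original post: it matches a kernel release string and `.config` text against the version bound and config options each entry names. The function names and the sample config are constructed for illustration; the entries state only an upper bound and vendor kernels backport fixes, so a hit means "review this", not "confirmed vulnerable".

```python
import re

# (CVE id, bound wording in the CVE text, config options the CVE text names)
# "through 4.14.8": 4.14.8 itself is affected; "before 4.14.8": 4.14.8 is fixed.
ADVISORIES = [
    ("CVE-2017-17857", "through", ()),
    ("CVE-2017-17856", "through", ()),
    ("CVE-2017-17855", "through", ()),
    ("CVE-2017-17854", "through", ()),
    ("CVE-2017-17853", "through", ()),
    ("CVE-2017-17852", "through", ()),
    ("CVE-2017-17806", "before",
     ("CONFIG_CRYPTO_USER_API_HASH", "CONFIG_CRYPTO_SHA3")),
    ("CVE-2017-17805", "before", ("CONFIG_CRYPTO_USER_API_SKCIPHER",)),
]
BOUND = (4, 14, 8)

def parse_release(release):
    """'4.1.15-custom' -> (4, 1, 15); a missing patch level counts as 0."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(g or 0) for g in m.groups())

def enabled_options(config_text):
    """Options built in (=y) or modular (=m) in kernel .config text."""
    return {m.group(1)
            for m in re.finditer(r"^(CONFIG_\w+)=[ym]$", config_text, re.M)}

def candidates(release, config_text):
    """CVE ids whose stated version range and config options both match."""
    ver, on = parse_release(release), enabled_options(config_text)
    hits = []
    for cve, kind, needs in ADVISORIES:
        in_range = ver <= BOUND if kind == "through" else ver < BOUND
        if in_range and all(opt in on for opt in needs):
            hits.append(cve)
    return hits

# Constructed sample config: AF_ALG hash and skcipher interfaces on, SHA-3 off.
SAMPLE_CONFIG = """\
CONFIG_CRYPTO_USER_API_HASH=y
CONFIG_CRYPTO_USER_API_SKCIPHER=m
# CONFIG_CRYPTO_SHA3 is not set
"""

if __name__ == "__main__":
    for rel in ("4.1.15", "4.14.8", "4.14.9"):
        print(rel, candidates(rel, SAMPLE_CONFIG))
```

On a live system the inputs would come from `uname -r` and the text of `/boot/config-$(uname -r)` or `/proc/config.gz`, where the kernel provides one.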