You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2024-02-15 05:12:43
- avidseeker
- Member
- Registered: 2022-09-06
- Posts: 57
- Website
Security: possible attack vectors in Linux
I am aware of https://security.archlinux.org/ which includes recent CVE's related to official packages, and I also read about the general security recommendations in the Wiki.
This post is about practical real-life examples of previous security vulnerabilities that Linux has been affected with. The CVE's listed in ASA are of course useful to know about, but I want to see how they can be leveraged by an attacker. Here are some examples, and what I learned from them:
Shellshock (CVE-2014-6271, CVE-2014-7169): your shell is a huge attack vector. Review your zsh plugins, use only trusted plugins, and keep them minimal.
BlueBorne (CVE-2017-1000251, CVE-2017-1000250): start bluetooth service manually, and prefer wired headset, mouse, and keyboard over wireless ones.
Grub2 BootHole (CVE-2020-10713): grub is bloated. Use a minimal bootloaders.
CVE-2021-3156 (Baron Samedit): use doas
Microsoft Follina: PDFs and documents are a big attack vector. While not a Linux-related vulnerability, it reminded me to be cautious with document files. As an alternative, MS office files can be uploaded to Google Drive and viewed there, or using a conversion tool like Pandoc, or soffice. Also PDF viewers can be hardened in settings, or even better, sandboxed (see Zathura seccomp filter).
File previewers: The Follina vulnerability was so terrible that it was executed even without launching office. Simply by having the side preview panel, the previewer executed the vulnerability. If you're using a terminal file manager, then you have to check your `scope` shell script that previews files. See this Wiki section: https://wiki.archlinux.org/title/Lf#Sandboxing_previews
Archive files: zip bombs
PKGBUILDs: be cautious with random AUR scripts
Malicious USBs: see https://wiki.archlinux.org/title/USBGuard
I excluded vulnerabilities that are related to servers or hardware like Spectre, heartbleed and downfall. The solution for these is simply keeping your system updated, using firewall, sandboxing applications, and the rest of recommendations on the Wiki.
What are other attack vectors I could be missing?
Offline
#2 2024-02-16 03:19:56
- bybrl
- Member
- Registered: 2024-02-12
- Posts: 9
Re: Security: possible attack vectors in Linux
I don't think this thread should be in Newbie Corner, but I should ask, what did GRUB do to you?
Offline
#3 2024-02-22 12:12:10
- loqs
- Member
- Registered: 2014-03-06
- Posts: 17,719
Re: Security: possible attack vectors in Linux
I am aware of https://security.archlinux.org/ which includes recent CVE's related to official packages
Suffers from a lack of resources to keep updated. For example no 2024 issues.
I excluded vulnerabilities that are related to servers or hardware like Spectre, heartbleed and downfall. The solution for these is simply keeping your system updated, using firewall, sandboxing applications, and the rest of recommendations on the Wiki.
Why include PKGBUILDs and Malicious USBs that are covered on the wiki as well?
What threat model are you intending to address?
Offline
#4 2024-02-22 12:25:22
- schard
- Forum Moderator
- From: Hannover
- Registered: 2016-05-06
- Posts: 2,029
- Website
Re: Security: possible attack vectors in Linux
What are other attack vectors I could be missing?
Social engineering. The CVE-H00M4N is still not fixed.
macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }
Offline
Pages: 1