You are not logged in.

#1 2024-02-15 05:12:43

avidseeker
Member
Registered: 2022-09-06
Posts: 62
Website

Security: possible attack vectors in Linux

I am aware of https://security.archlinux.org/ which includes recent CVE's related to official packages, and I also read about the general security recommendations in the Wiki.

This post is about practical real-life examples of previous security vulnerabilities that Linux has been affected with. The CVE's listed in ASA are of course useful to know about, but I want to see how they can be leveraged by an attacker. Here are some examples, and what I learned from them:

  • Shellshock (CVE-2014-6271, CVE-2014-7169): your shell is a huge attack vector. Review your zsh plugins, use only trusted plugins, and keep them minimal.

  • BlueBorne (CVE-2017-1000251, CVE-2017-1000250): start bluetooth service manually, and prefer wired headset, mouse, and keyboard over wireless ones.

  • Grub2 BootHole (CVE-2020-10713): grub is bloated. Use a minimal bootloaders.

  • CVE-2021-3156 (Baron Samedit): use doas

  • Microsoft Follina: PDFs and documents are a big attack vector. While not a Linux-related vulnerability, it reminded me to be cautious with document files. As an alternative, MS office files can be uploaded to Google Drive and viewed there, or using a conversion tool like Pandoc, or soffice. Also PDF viewers can be hardened in settings, or even better, sandboxed (see Zathura seccomp filter).

  • File previewers: The Follina vulnerability was so terrible that it was executed even without launching office. Simply by having the side preview panel, the previewer executed the vulnerability. If you're using a terminal file manager, then you have to check your `scope` shell script that previews files. See this Wiki section: https://wiki.archlinux.org/title/Lf#Sandboxing_previews

  • Archive files: zip bombs

  • PKGBUILDs: be cautious with random AUR scripts

  • Malicious USBs: see https://wiki.archlinux.org/title/USBGuard

I excluded vulnerabilities that are related to servers or hardware like Spectre, heartbleed and downfall. The solution for these is simply keeping your system updated, using firewall, sandboxing applications, and the rest of recommendations on the Wiki.

What are other attack vectors I could be missing?

Offline

#2 2024-02-16 03:19:56

bybrl
Member
Registered: 2024-02-12
Posts: 9

Re: Security: possible attack vectors in Linux

I don't think this thread should be in Newbie Corner, but I should ask, what did GRUB do to you?

Offline

#3 2024-02-22 12:12:10

loqs
Member
Registered: 2014-03-06
Posts: 18,039

Re: Security: possible attack vectors in Linux

avidseeker wrote:

I am aware of https://security.archlinux.org/ which includes recent CVE's related to official packages

Suffers from a lack of resources to keep updated.  For example no 2024 issues.

avidseeker wrote:

I excluded vulnerabilities that are related to servers or hardware like Spectre, heartbleed and downfall. The solution for these is simply keeping your system updated, using firewall, sandboxing applications, and the rest of recommendations on the Wiki.

Why include PKGBUILDs and Malicious USBs that are covered on the wiki as well?

What threat model are you intending to address?

Offline

#4 2024-02-22 12:25:22

schard
Forum Moderator
From: Hannover
Registered: 2016-05-06
Posts: 2,111
Website

Re: Security: possible attack vectors in Linux

avidseeker wrote:

What are other attack vectors I could be missing?

Social engineering. The CVE-H00M4N is still not fixed.


Inofficial first vice president of the Rust Evangelism Strike Force

Offline

Board footer

Powered by FluxBB