DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 18, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 170 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Zero-day exploit hits Fedora and Ubuntu, other exploit hits Netgear routers

Posted on Friday, December 16 2016 @ 18:15:35 CET by


It's rare but a security researcher just discovered a zero-day exploit that's present in multiple mainstream Linux distros, including Fedora and Ubuntu. According to Chris Evans, Linux PCs can be exploited when users open a specially crafted music file. And in case you use Chrome on Fedora 25, it works like a classic drive-by attack. ARS technica has the full details over here.
Like Evans' previous Linux zero-day, the proof-of-concept attacks released Tuesday exploit a memory-corruption vulnerability closely tied to GStreamer, a media framework that by default ships with many mainstream Linux distributions. This time, the exploit takes aim at a flaw in a software library alternately known as Game Music Emu and libgme, which is used to emulate music from game consoles. The two audio files are encoded in the SPC music format used in the Super Nintendo Entertainment System console from the 1990s. Both take aim at a heap overflow bug contained in code that emulates the console's Sony SPC700 processor. By changing the .spc extension to .flac and .mp3, GSteamer and Game Music Emu automatically open them.
In the video clip below, you can see Evans demonstrating the exploit in Fedora 25. Simply by clicking on a link in the Chrome browser, the attack can execute code with user-level system privileges.






On a related note, if you own a Netgear router you may want to check if your device is vulnerable. ARS Technica wrote this week that Netgear's R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220 and D6400 suffer from a command-injection vulnerability that can give attackers almost complete control of the devices. Three of these routers are listed in the top five most popular routers on Amazon. Unfortunately, Netgear is extremely slow in rolling out updates. Acew0rm security researcher Andrew Rollins says he notified Netgear on August 25 but they never got back to him so he had to escalate the matter to CERT to get a response from Netgear.
"Exploiting this vulnerability is trivial," officials with CERT, the federally funded vulnerability coordination service, warned in an advisory published Friday. "Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available."
Firmware that fixes the vulnerability can be found over here, but for most routers the new firmware is still in beta phase.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba