New Linux Kernel Vulnerability Discovered

Issue still remains uncorrected in some popular distributions (Debian, RHEL, SUSE, Ubuntu)
04 February 2019

A vulnerability has been found in the Linux kernel (CVE-2019-7308) that makes it possible to bypass the protection against Spectre v1 attacks by using the eBPF subsystem. The problem is fixed in kernel releases 4.19.19 and 4.20.6, but still remains uncorrected in distributions (Debian, RHEL, SUSE, Ubuntu).

To read data from privileged memory areas with a Spectre v1 attack, a certain sequence of instructions must be present in the privileged code. Such instruction sequences were removed from the Linux kernel, but the developers did not take into account that the eBPF subsystem allows arbitrary BPF programs to be executed in the context of the kernel. By manipulating BPF bytecode, an attacker can get the eBPF JIT compiler to generate the combination of machine instructions needed for a Spectre v1 attack, which leads to speculative access to memory areas outside the permitted region when operations on a pointer are performed.

Additionally, a patch has been proposed for inclusion in the Linux kernel that implements an additional mode for disabling Spectre protection based on the SSBS (Speculative Store Bypass Safe) PSTATE bit. Such protection significantly reduces performance, so it is enabled at the application level using the PR_SET_SPECULATION_CTRL command in prctl (as a rule, programs with JIT, for example Java, are subject to attack). The problem is that when speculative operations are disabled, this state is inherited by child processes. To stop the protection (the blocking of speculative operations) from being inherited when new processes are started, the PR_SPEC_DISABLE_NOEXEC flag has been proposed.
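The inheritance behaviour described above can be observed with the following added example (not code from the article or from the kernel patch): it disables speculative store bypass for the current task, then forks and re-executes itself to report the state the new program sees. The helper names `ssb_state_name` and `ssb_get` and the `report`/`noexec` arguments are assumptions of this example, and the `noexec` mode needs a kernel that accepts PR_SPEC_DISABLE_NOEXEC.

```c
/* Added example: speculative store bypass state across fork + exec. */
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/wait.h>
#include <unistd.h>

/* Older headers lack this flag; value as defined in linux/prctl.h. */
#ifndef PR_SPEC_DISABLE_NOEXEC
#define PR_SPEC_DISABLE_NOEXEC (1UL << 4)
#endif

/* Decode the value returned by PR_GET_SPECULATION_CTRL (helper name is ours). */
const char *ssb_state_name(long st)
{
    if (st < 0) return "unsupported";                      /* prctl failed */
    if (!(st & PR_SPEC_PRCTL)) return "no per-task control";
    if (st & PR_SPEC_FORCE_DISABLE) return "force-disabled";
    if (st & PR_SPEC_DISABLE_NOEXEC) return "disabled until exec";
    if (st & PR_SPEC_DISABLE) return "disabled";
    return "enabled";
}

long ssb_get(void)
{
    return prctl(PR_GET_SPECULATION_CTRL, (unsigned long)PR_SPEC_STORE_BYPASS,
                 0UL, 0UL, 0UL);
}

int main(int argc, char **argv)
{
    if (argc > 1 && strcmp(argv[1], "report") == 0) {  /* re-executed child */
        printf("after exec: %s\n", ssb_state_name(ssb_get()));
        return 0;
    }
    /* "noexec" selects the proposed flag; default is the inherited mode. */
    unsigned long mode = (argc > 1 && strcmp(argv[1], "noexec") == 0)
                             ? PR_SPEC_DISABLE_NOEXEC : PR_SPEC_DISABLE;
    if (prctl(PR_SET_SPECULATION_CTRL, (unsigned long)PR_SPEC_STORE_BYPASS,
              mode, 0UL, 0UL) != 0) {
        perror("PR_SET_SPECULATION_CTRL");
        return 1;
    }
    printf("parent:     %s\n", ssb_state_name(ssb_get()));
    if (fork() == 0) {                 /* child starts a new program image */
        execl("/proc/self/exe", argv[0], "report", (char *)NULL);
        _exit(127);
    }
    wait(NULL);
    return 0;
}
```

Run without arguments, the re-executed child should still report the mitigation as active; run with `noexec` on a kernel that supports the flag, the child should report speculation as enabled again.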

GStreamer 1.16.0 Framework Rolled Out

It's a cross-platform set of components for creating a wide range of multimedia applications, from media players and audio/video file converters to VoIP apps
22 April 2019

After more than a year of development, GStreamer 1.16 was released. It is a cross-platform set of components written in C for creating a wide range of multimedia applications, from media players and audio/video file converters to VoIP applications and streaming systems. The GStreamer code is distributed under the LGPLv2.1 license.

Updates to 1.16 are available for the plug-ins gst-plugins-base, gst-plugins-good, gst-plugins-bad and gst-plugins-ugly, as well as for gst-libav. At the API and ABI level, the new release is backward compatible with branch 1.0. Binary builds will soon be prepared for Android, iOS, macOS and Windows (on Linux, using packages from the distribution is recommended).

The release has a lot of updates and improvements, for example support for hidden subtitles, optimization improvements and much more. More information is available in the email archive.