Linux Vulnerability Announced, Details Kept Secret [Solved]

[Mauser]

Lunduke video on Severe (9.9 / 10) Linux Vulnerability Announced, Details Kept Secret. Hopefully this is not real. https://www.youtube.com/watch?v=8PbTZaWFzf8

[figueroa]

See the following for sanity. https://cybersecuritynews.com/critical- ... -rce-flaw/

[Eadwine Rose]

Did they finally find the one responsible for all the PEBKAC issues?

[j2mcgreg]

The boy who cried wolf has more credibility than Bryan Lunduke.

[siamhie]

Did they finally find the one responsible for all the PEBKAC issues?

[siamhie]

Here is the tweet that started it all.

https://threadreaderapp.com/thread/1838 ... 35132.html


Since this threat hasn't been assigned an actual rating yet and they (all involved) have led to an agreed timeline for disclosure

• September 30: Initial disclosure to the Openwall security mailing list.
  October 6: Full public disclosure of the vulnerability details

Simone posted this tweet (now locked) on Sep 23rd but the initial disclosure (mailing list) will be on the 30th with a public disclosure on Oct 6th but this threat was disclosed (from him) 3 weeks ago (so beginning of Sep?).

Remember that apparently this flaw has been around for 10 years and we don't even know what is affected? Could this also affect *BSD systems (CUPS is thrown around in the comments on Slashdot)?


and quoting the last line from the tweet

And YES: I LOVE hyping the sh1t out of this stuff because apparently sensationalism is the only language that forces these people to fix.

I wonder just how severe this really is...hmm?

[DukeComposed]

Did they finally find the one responsible for all the PEBKAC issues?

Alan Cox hasn't been involved in the project in years.

The boy who cried wolf has more credibility than Bryan Lunduke.

Bryan Lund, aka "Lunduke" has never been much of a journalist. He is at best a salesman whose career started as an Apple fanboy pushing software for Mac written in BASIC, pivoted to Linux "journalism" with Chris Fisher, and has now descended into the aberrant far-right political extremism of pushing a narrative that SUSE thinks 50% of its users should die because of a single anti-hate remark a SUSE employee made on a SUSE subreddit during Pride month. While I imagine that Lund has always been conservative, he has in the last few years become more extremist and reactionary than he's ever been in the past and his most recent "Linux Sucks" yearly address in which he spends a good chunk of it deliberately misinterpreting the SUSE comment is a clear example of how extreme he's gotten. His idea of Linux journalism is more tenuous and biased than ever before, and we're talking about the same man who once had a meltdown while conducting an interview with Richard M. Stallman.

[Eadwine Rose]

Did they finally find the one responsible for all the PEBKAC issues?

Alan Cox hasn't been involved in the project in years.

Who?


To be honest, I don't care about this sort of stuff on who did what and when. You use the computer, you are responsible.

[FullScale4Me]

Lunduke video on Severe (9.9 / 10) Linux Vulnerability Announced, Details Kept Secret. Hopefully this is not real. https://www.youtube.com/watch?v=8PbTZaWFzf8

When I clicked the link and saw I was NOT subscribed even though the creator had a huge following a quote sometimes attributed to Ringo Star came to mind - "...Nothing here to see, move along..."

[siamhie]

Remember that apparently this flaw has been around for 10 years and we don't even know what is affected? Could this also affect *BSD systems (CUPS is thrown around in the comments on Slashdot)?

Whoever made that comment on Slashdot nailed it. He (Bryan) has an updated video out now and it is a CUPS based exploit.

The "9.9" Linux Vulnerability Revealed: It's The Printers