Bitcoin Forum
November 18, 2024, 12:20:27 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [warning] Vulnerability in all major Linux distros gives full root privileges.  (Read 189 times)
TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
January 26, 2022, 09:49:38 PM
Last edit: January 27, 2022, 04:11:20 PM by TheBeardedBaby
Merited by NeuroticFish (4), pooya87 (4), hugeblack (4), o_e_l_e_o (4), vapourminer (3), dkbit98 (3), ABCbits (2), vv181 (1)
 #1

I know this is probably not the best place to post the thread, but if you have a cold storage wallet with a Linux distro you could be affected and only that, nodes, servers etc. Take precautions.

Quote
A vulnerability in Polkit's pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system, researchers warn today.

CVE-2021-4034 has been named PwnKit and its origin has been tracked to the initial commit of pkexec, more than 12 years ago, meaning that all Polkit versions are affected.

Part of the Polkit open-source application framework that negotiates the interaction between privileged and unprivileged processes, pkexec allows an authorized user to execute commands as another user, doubling as an alternative to sudo.

More info here: Linux system service bug gives root on all major distros, exploit released

pooya87
Legendary
*
Offline Offline

Activity: 3640
Merit: 11040


Crypto Swap Exchange


View Profile
January 27, 2022, 04:42:21 AM
Merited by PrimeNumber7 (1)
 #2

if you have a cold storage wallet with a Linux distro you could be affected.
Technically that shouldn't be an issue at all.
A cold storage by definition should not be accessible by anyone else remotely or physically, so there shouldn't be any way to use any kind of exploit on it.
Additionally you would use some sort of encryption on your cold storage, whether it is encryption provided by Linux itself (eg. encrypting home folder) or encrypting the wallet file itself (eg. encryption provided by Electrum). That means even gaining access to the data won't help the attacker.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
January 27, 2022, 08:11:35 AM
 #3

if you have a cold storage wallet with a Linux distro you could be affected.
Technically that shouldn't be an issue at all.
A cold storage by definition should not be accessible by anyone else remotely or physically, so there shouldn't be any way to use any kind of exploit on it.
Additionally you would use some sort of encryption on your cold storage, whether it is encryption provided by Linux itself (eg. encrypting home folder) or encrypting the wallet file itself (eg. encryption provided by Electrum). That means even gaining access to the data won't help the attacker.

I agree that with the cold wallets there are many walls to take down before getting to the honeypot, and most of the time it's impossible with the current available technology, but if you already have a massive door with advanced locker, why leaving it open?

hugeblack
Legendary
*
Offline Offline

Activity: 2702
Merit: 3994



View Profile WWW
January 27, 2022, 08:33:27 AM
 #4

I did not understand the content of the article accurately, but as I understood it, it gives root privileges for an ordinary user, and therefore it is an account based problem (privileges to unprivileged user.)
Meaning that it will be affected by devices with multiple access or for several people and not for the average user with a single account.

In general, all systems are vulnerable to hacking, and Bitcoin provides the user with the advantage of generating keys without the need to connect to the Internet, which means that most of these bugs will not effect (if the user is able to physically remove all communication parts)

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
PrimeNumber7
Copper Member
Legendary
*
Offline Offline

Activity: 1666
Merit: 1901

Amazon Prime Member #7


View Profile
January 27, 2022, 09:10:16 AM
 #5

As pooya87 explained, I don't think this is something that should affect any cold storage setup, as the only person (people) who should have access to the device(s) that contain cold storage private keys is (are) those who have the authorization to spend coin from cold storage.

This might be a bigger issue for a business that allows multiple employees to access a machine that has access to the business's hot wallet (or other secrets). In those cases, this is something that needs to be patched ASAP.
NeuroticFish
Legendary
*
Offline Offline

Activity: 3864
Merit: 6596


Looking for campaign manager? Contact icopress!


View Profile
January 27, 2022, 09:48:48 AM
 #6

Are the linuxes or raspi boxes running hot wallets, nodes, electrum servers affected? I guess so.
And they are probably online 24/7, unlike cold storage that's meant to stay offline.

So the warning is important and big, just the targets.. may need to be updated.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
ABCbits
Legendary
*
Offline Offline

Activity: 3066
Merit: 8092


Crypto Swap Exchange


View Profile
January 27, 2022, 10:11:11 AM
Merited by pooya87 (2), PrimeNumber7 (1)
 #7

And that's why you shouldn't run random application/script you found on internet, even if you use Linux.

This might be a bigger issue for a business that allows multiple employees to access a machine that has access to the business's hot wallet (or other secrets). In those cases, this is something that needs to be patched ASAP.

Application with lots of dependency also risky, i expect someone will try to perform supply chain attack on programming library.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
dkbit98
Legendary
*
Offline Offline

Activity: 2422
Merit: 7590



View Profile WWW
January 27, 2022, 03:57:34 PM
 #8

This is not such a big problem when we know small percentage of people running Linux operating systems compared to wiNd0ws and mac.
Furthermore, release fix will be released much quicker than it would on other operating systems, and there is temporary mitigation solution released.
If you are running your Bitcoin node on Linux you can apply temporary solution if you want to be sure, and you don't have to worry if you use your OS offline.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
lovesmayfamilis
Legendary
*
Offline Offline

Activity: 2282
Merit: 4546


✿♥‿♥✿


View Profile
January 28, 2022, 06:56:56 AM
 #9

This is not such a big problem when we know small percentage of people running Linux operating systems compared to wiNd0ws and mac.
Furthermore, release fix will be released much quicker than it would on other operating systems, and there is temporary mitigation solution released.
If you are running your Bitcoin node on Linux you can apply temporary solution if you want to be sure, and you don't have to worry if you use your OS offline.

As I understand it, you just need to update the system, since some developers, for example, Ubuntu, have already released patches.
Does this mean that if we are renewed, we will be protected? I work on Linux, but I am not an advanced user, and I would not want to get into this muck out of inexperience.
As for Windows, I don't trust this system at all.

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
January 28, 2022, 07:16:25 AM
 #10

Of course the range of affected devices is much larger than only the cold storage wallet, but in my case I have only a cold storage with Linux disto so that's why I noted only that in the OP.
Now the OP it's updated and included some more info.


pooya87
Legendary
*
Offline Offline

Activity: 3640
Merit: 11040


Crypto Swap Exchange


View Profile
January 28, 2022, 07:44:42 AM
 #11

This is not such a big problem when we know small percentage of people running Linux operating systems compared to wiNd0ws and mac.
It is kind of off-topic but I guess people don't want to change, even if the change is significantly better. It is the same problem we have in bitcoin adoption. I did some search and was very surprised as how low the "open source" adoption is, 2% Linux usage as OS on PC, 2-3% usage of Firefox browser, maybe less than 1% usage of bitcoin, etc. This is while all these alternative open source options are way more superior to their closed source counter parts, not to mention that at this point they are very mature.
I'm very surprised and kind of disappointed to be honest..

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!