[BALUG-Talk] netfilter cve

KLH 111111 klh111111@outlook.com
Thu Oct 12 17:38:31 UTC 2023


Thank you.  BUUG is mostly dead.  As far as man pages go I went out on Network Information Service (NIS).  You died on the wrong ski snow.

One could set up a system with Windows Defender and best wireless router for the price and Linux as I was in 2012.  I was not an intentional honey pot creator.  You could be though.

Or there is vegan goat cheese at a popular trader food market near here.

K
________________________________
From: Dan Lyke <danlyke@flutterby.com>
Sent: Wednesday, October 11, 2023 4:53 PM
To: KLH 111111 <klh111111@outlook.com>
Cc: balug-talk@lists.balug.org <balug-talk@lists.balug.org>
Subject: Re: [BALUG-Talk] netfilter cve

On Wed, Oct 11, 2023 at 4:45 PM KLH 111111 <klh111111@outlook.com<mailto:klh111111@outlook.com>> wrote:
> Is anyone else worried about this?  I found it via redhat.com<http://redhat.com>
>
> NVD - CVE-2023-39192 (nist.gov<http://nist.gov>)


It's going to apply to all distributions, because it's a kernel issue, *but*.,.. it's just Moderate severity because it involves a local privileged attacker. I'm just a user these days, my only adminning is personal web servers, but presumably "privileged" in this context means a user who can manipulate the Netfilter subsystem.

So it's largely a question of "who can run `ufw` or `iptables`?". That's probably a fairly short list, and those users can probably damage your system or exfiltrate data through other means. Security is, after all, a question of layers and the Swiss cheese effect.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.balug.org/pipermail/balug-talk/attachments/20231012/82a33385/attachment.htm>


More information about the BALUG-Talk mailing list