Hi readers and typers,
The knowledgeable sorts who inhabit this Newsgroup can
discuss this at their leisure.
If your desktop runs a mainstream release of Linux, chances are you're vulnerable.
<http://arstechnica.com/security/2016/12/fedora-and-ubuntu-0days-show-that-hacking-desktop-linux-is-now-a-thing/>
Bobbie Sellers conveyed the following to comp.os.linux.security...
The knowledgeable sorts who inhabit this Newsgroup can
discuss this at their leisure.
If your desktop runs a mainstream release of Linux, chances are you're
vulnerable.
<http://arstechnica.com/security/2016/12/fedora-and-ubuntu-0days-show-that-hacking-desktop-linux-is-now-a-thing/>
From the article...
"This time, the exploit takes aim at a flaw in a software library
alternately known as Game Music Emu and libgme, which is used to
emulate music from game consoles. The two audio files are encoded in
the SPC music format used in the Super Nintendo Entertainment System
console from the 1990s. Both take aim at a heap overflow bug
contained in code that emulates the console's Sony SPC700 processor.
By changing the .spc extension to .flac and .mp3, GSteamer and Game
Music Emu automatically open them."
Sounds to me like one needs to explicitly have those two libraries
installed, and I would wager that not everyone does. And of course,
this being FLOSS rather than proprietary software, this vulnerability
will probably get fixed in no time. ;)
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 294 |
Nodes: | 16 (2 / 14) |
Uptime: | 244:17:34 |
Calls: | 6,626 |
Calls today: | 2 |
Files: | 12,175 |
Messages: | 5,320,389 |