If the moderators permit (because it's a security issue), the security vulnerability was shown in the ubuntu 10.04(64 bits) first by VSR, a security research firm. Now kindly view the link i will give and suggest what to do! I have the same version ,but the 32 bits(Intel).
View 2 RepliesI have recompiled a few kernels, but all on 32bit systems so not sure if that has anything to do with it.
Running Arch Linux 64bit, most recent version.
Kernel Output:
Code:
My first thoughts was that it might be my grub bootloader configuration, so had a big play around with that but it didn't fix it. Also made sure support was built for filesystems. However almost all that Fstab mounts are ext3 anyway, and certainly the root and /boot are. Now thinking it may be a memory error so will run a check when I shutdown.
Other than the linux kernel image I am using is it ok to remove the others I have and thus gain more disk space ? I only have a small asus 900 netbook.
View 4 Replies View RelatedUpdate manager downloaded and installed latest kernel (Ubuntu, Linux 2.6.31 -16 -generic). When I tried to restart I get the message { 1.661235}Kernel panic - not syncing: VFS: unable to mount root fs on unknown - block(8,38). Everything works fine on previous update.
View 1 Replies View RelatedI read in some website and thought of giving a shot at the pae enabled kernel as i was having 6GB of RAM available in my system. I couldn't use 64bit system because i have a lot of applications that are not available in 64bit. I use a few customised software (From my office corporate) they are 32bit too.
Here is what i did..
sudo install linux-generic-pae
It installed a few headers and packages additionally required.
and i did a reboot.
[Code]...
An alternate solution to use all the 6GB is also welcome... using the current pae enabled kernel. do i need to install any additiona drivers..While i try to load Xwindows.. I get the following error.A long error report is generated and at the end "No Xwindows system installed.."
I have recently been getting into kernel development and was wondering whether the Linux kernel or BSD kernel would be easiest for newbies (such as myself). Does anyone know? I am really considering BSD because it seems to me to have the best documentation.
View 2 Replies View RelatedMy kernel is not updating and I'm getting errors like.........
[Code]...
I am new to kernel development,and I have to compile a kernel with some specific features and then install it on some machines.The problem is that these machines are slow,and hence I want to compile them on a fast desktop once and then install them on the machines.I am following this guide from Ubuntu wiki.
So what I plan to do is, download the source and generate a config file on one of the slow machines, copy both to the faster machine, generate the image on the faster machine and then install it on all the slow machines. The slow machines are almost identical (same cards, processors, OS etc.) but different from the fast machine(different OS and processor). So will this work or not?
I've compiled the last stable ubuntu kernel (2.6.38-...) following this guide: How to compile a Ubuntu 10.10 kernel but in this guide doesn't explain how create linux-libc-dev package for that kernel? How do I do?
I've tried with fakeroot debian/rules binary-arch-headers but it returns an, IMHO, absurd error:
mkdir /home/simon/sources/kernel/ubuntu-natty/debian/linux-libc-dev/usr/include/
mkdir: cannot create directory `/home/simon/sources/kernel/ubuntu-natty/debian/linux-libc-dev/usr/include/': File exists
make: *** [install-arch-headers] Error 1
The error is correct but this folder is created in the same process!
I'm trying to compile a Linux kernel module called hello-2.c using the command "make -C /lib/modules/$(uname -r)/build M=${PWD} modules" (without the quotes) (which I found online), and the following is the (seemingly successful) output.:
Code: Select allmake: Entering directory `/usr/src/linux-headers-3.2.0-4-amd64'
Building modules, stage 2.
MODPOST 0 modules
make: Leaving directory `/usr/src/linux-headers-3.2.0-4-amd64'
However, I don't see a hello-2.ko (in the same folder or anywhere else for that matter). I'm Using Debian GNU/Linux 7.6.
Everything I am doing is within a folder/directory called "thefolder" (without the quotes) in the "/tmp" directory (without the quotes).
Why I can't see a hello-2.ko, and what to do to get it?
I need to recompile a kernel and I am wondering why I have a /usr/srckernels directory instead of a /usr/src/linux directory?
I installed all the packages I thought I needed.... kernek-devel, gcc, make...
What am I missing to do this "correctly"?
I need an FM transmitter (with RDS support) that can be controlled via the linux kernel, preferably connected via USB.
Recommend a good programmable USB-based FM transmitter?
I have investigated an architecture with i2c-tiny-usb interfaced with a Silicon Labs si4713, but the additional circuitry to get it to work it too much. (I'm not an electronics engineer).
I'm currently trying to get my wireless card to work with ndiswrapper after installing backtrack4 today, BUT.When I try and use the make command it tells me that some or another file is missing. I've checked and the output is right, There is no file of that name but there is neither a folder of that name.
Code:
root@bt:/usr/src/ndiswrapper-1.56/ndiswrapper-1.56# make
make -C driver
make[1]: Entering directory `/usr/src/ndiswrapper-1.56/ndiswrapper-1.56/driver'
[code]....
I am working on linux kernel building and customising for our requirement.All these days we were using 2.6.9EL5 kernel to create our own Bootable kernel. Lately we moved to 2.6.33.3 as SATA CDROM support was not available during booting with the earlier kernel.Now with the new kernel i have got all the updates i wanted with respect to hardware detection during booting but having an issue with my PS2 mouse not auto detecting while booting. However i can configure the mouse with the popup that comes during booting by selecting the generic PS2 3 button mouse option. With this my mouse works properly. I am wondering is there a way to make the mouse auto detectable.I have attached one of the Xconfig file that is part of our process.
View 2 Replies View RelatedI noticed that when typing in your password after locking the screen or a screensaver, the program focussed behind it is able to catch the input...
This sounds like a huge security risk to me, is there anyone who can test this? (Only noticed with game in wine, perhaps you need low level xorg access)
I have a problem here with my updated kernel. I'm currently using Fedora 14 kernel 2.6.35.9-64, and my wireless card Broadcom BCM4312, which had an issue before with Linux distros, is working fine already, thanks to the kmod-wl software driver. My problem now is this, after updating to kernel 2.6.35.10-72, fedora does not boot, and I noticed that the wireless card is the only thing not activating, compared to the working kernel. And when i looked at the log of the bootup (pressed right arrow key), I saw this:
[code]...
how to perform floating point operations in kernel? i answered that its impossible to perform floating point operations in kernel.but he is telling that its possible but with some feature to be added.can any body know about this perfectly??
View 1 Replies View Related's/ARCHTYPE=i386/ARCHTYPE=x86/'If your looking for a kernel image in /usr/src/linux/arch/i386/boot, your not likely to find one.
View 3 Replies View RelatedI decided to report what happened me lately so that someone more clever could find the hole in the latest ubuntu. So: I have a machine connected 24/7 on high speed network. i had karmic on it. i ran openssh and apache2 (without any mod, plain apache2) on it. In addition i ran firefox, ktorrent, and amule on it. Nothing else. The system didnt have any rule in iptables.
Recently chkrootkit signaled a SuckIT rootkit in the system. I was scared, i googled for it and i saw that on ubuntu this actually happened and it was a false positive. Ok, i kept going. Yesterday i nmapped myself and i found an open port around 64000 that i couldnt see with netstat -atpnl so i concluded i was actually infected and erased the drive and tried to install lucid alpha2 so, one day of lucid,
- with a firewall this time that let open only the port 22 and 80 from internet
- with only openssh as service (no apache2)
- ran firefox3.6 , ktorrent and amule , nothing else
chkrootkit didnt find anything
debsums reported
debsums: changed file /sbin/initctl (from upstart package)
i did an apt-get install --reinstall upstart and that file didnt warn anymore. So i concluded there must be some kind of vulnerability either in
a) firefox
b) ktorrent
c) amule
Using Opera 10.61 and 10.62, I find that any secure website I access, such as a bank, the lock icon in the address bar is replaced by a question mark. Clicking on it brings up a window, stating that the connection is not secure, that the server does not support TLS Renegotiation. Doing some internet searches for "opera tls renegotiation" brought me to a page at the Opera website, where they discuss this issue. The issue is generic, not limited to Opera, affecting the TLS protocol, and it potentially enables a man-in-the-middle to renegotiate a "secure" connection between a server and client, issuing own commands to the server. Opera has addressed the problem on the client end, but now servers need to be upgraded too. None of the HTTPS sites I have tried have upgraded their servers, if the information provided by the Opera browser is correct.
My questions: how feasible is such a MITM attack, what level of resources would such an attack require? What, if anything, would the attacker need to know about the client and/or server to mount the attack? Would I be better off using Firefox, or is Firefox simply oblivious of the problem and not issuing warnings for that reason?
I i've virtual machine that is running BackTrack4r2. I need to use the built-in tool Metaspolit in bt for assessing the security and vulnerability in websites The prob is that i dont have any about the Metaspolit tool.
View 10 Replies View RelatedAs you might have heard, a recent critical vulnerability was discovered in Firefox 3.6.Any word on a Slackware patch coming soon? I'd prefer to use a Slackware package rather than the actual Mozilla release, but I also don't like browsing the web with a remote code execution bug in my browser.Or is Slackware unaffected by this?
View 14 Replies View RelatedI am an openSuSE user for many years. My current installation is openSuSE 11.2. However, my first was SuSE 6.4 and I have been _constantly_ upgrading since then until reaching the current openSuSE 11.2. The technical issue I have been facing lately is with the kernel version of my current system: although it should be 2.6.31.5-0.1-desktop, as this is the one I have chosen via the online update mechanism and the yast2 system boot-loader procedure, grub shows it as preselected, the boot procedure in the end greets me mentioning this very kernel version, _but_ when I issue the command: uname -a in a command prompt, I am informed of using linux kernel version: 2.6.18.2-34-default #1 SMP PREEMPT
I am really quite puzzled, since I _cannot_ find any such vmlinuz file under /boot/ ! Could it be that my system properly runs with the expected kernel version, but uname mistakes it with a different one? Is there a way to determine the actual version of the linux kernel that my system currently runs with? If it's a problem with uname, have you got any suggestions that could potentially shed some light towards the origin/cause of the reported issue?
Is there a free online vulnerability scanner where either I can give them the IP address to scan or can be initiated from the console command, tool, or text based browser. I use GRC's Shields Up when I have a GUI, but I want a scan ran on my website that runs Ubuntu 8.04 server on a hosted VPS.
View 5 Replies View RelatedI've got an HP Netbook with Jaunty installed, and I've got an older Dell laptop running Debian.A friend of mine, on several occasions, has told me that when I left my computers unattended he could do some kind of series of key-strokes, and then a window comes up and he says that he can change the password for my account.I've asked him to show me how he does it, but he never will because he doesn't want me to be able to thwart himIs he lying, or is it for real? if it's for real, how do I go about changing it so that it can't happen anymore?
View 5 Replies View RelatedI saw this forum post and I want to try it out so I went here and copied and pasted the following text into a file called test.patch.
Code:
---
Documentation/kernel-parameters.txt | 2
drivers/tty/tty_io.c | 1
include/linux/sched.h | 19 ++++
init/Kconfig | 12 +++
kernel/fork.c | 5 +
kernel/sched.c | 25 ++++--
kernel/sched_autogroup.c | 140 ++++++++++++++++++++++++++++++++++++
[Code]....
1 out of 1 hunk FAILED -- saving rejects to file linux-2.6/Documentation/kernel-parameters.txt.rej I'm not so good with patching so I am sure it is probably something easy.
I am using Nagios 3.2.4 tool with Nagios-Plugins-1.4.14 and on Red Hat Fedora Linux ver 10.1.The Apache version is 2.2.11. My security team has identified the following vulnerabilities with this version and they want me to find a fix.
1)Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
2)Apache HTTP Server mod_proxy stream_reqbody_cl Function Denial of Service Vulnerability
3)Apache HTTP Server mod_deflate Remote Denial Of Service Vulnerability
4)Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
I ran across this problem when I used checkinstall and then tried to extract the contents of data.tar.gz (which you can find inside any .deb).tar has an option to extract the contents of a file in a given directory.From tar's manpage:
Code:
-C, --directory DIR
change to directory DIR
[code]....
Quote: Security expert Georgi Guninski has pointed out a security issue in the 1.0 branch of OpenSSL that potentially allows SSL servers to compromise clients. Apparently the hole can be exploited simply by sending a specially crafted certificate to the client, causing deallocated memory to be accessed in the ssl3_get_key_exchange function (in ssls3_clnt.c). While this usually only causes an application to crash, it can potentially also be exploited to execute injected code.
View 1 Replies View RelatedDuring a recent update, a package called "Firmware for Linux kernel drivers" could not be installed, producing an error message that reads:
Code:
Preparing to replace linux-firmware 1.38.3 (using .../linux-firmware_1.38.4_all.deb) ...
Unpacking replacement linux-firmware ...
[code]....