Popular on EntSun
- RAS AP Consulting Advances to RFP Stage in Heidelberg Materials' SAP Vendor & Customer Master Data Modernization Initiative - 200
- T. Jones Group's Cameron Jones Serves as Judge for the 2026 CHBA National Awards for Housing Excellence - 150
- KLEKT Announces Appointment of Jay Kimpton to Board of Directors - 146
- Could You Make a 2026 World Cup Squad? A New Free Tool Will Tell You Where You'd Sit on Any National Team's Bench in 90 Seconds - 144
- More Life Summit 2026 Announces Gary Brecka & Mr. Olympia Derek Lunsford as First Speakers for Miami Event - 144
- Milo3D.ai Launches Free AI 3D Model Generator That Turns Text and Images Into Game-Ready 3D Assets in Seconds - 136
- Expert E-Bike Safety Advocate Issues Urgent Warning Following Recent Southern California Fatalities - 125
- Did Drake Just Find His Next Signee? Peoria Rapper Rhymi Gifts "ICEMANDRAKE" Domains, Drops Debut Album Same Day - 124
- Federal indictments bring new scrutiny to SPLC practices and highlight the real‑world impact of its designations on nonprofit groups, including NCFM - 115
- New Study Finds Americans Judge Vacations on Value, Not Price — Signaling a Permanent Shift in How Travel Gets Booked - 112
Sine Nomine Associates: We are constantly minding the store for our customers
EntSun News/11093705
When a Linux security alert is issued our teams expertise shines.
EntSun -- We hear about computer software security problems more often than ever now and with kernel attacks on Linux, it seems they get more dangerous each time. Recently a nasty Linux bug named Dirty Frag was found and our team was able to show how 25 years of development and stable releases is safer than most of the latest new kid on the block software. Building the software the harder, right way the first time with good engineering helps prevent headaches.
For the technical reader these notes will explain how a team digs in.
This class of bug is related to the low level "struct sk_buff" buffer management data structures
More on EntSun News
The OpenAFS kernel module as designed does not have access to that layer of buffer management, rather it uses the regular socket APIs for network traffic.
We also had to consider what happens when people start implementing the several recommended remediation fixes to mitigate the problem in other software.
The recommended mitigation steps involve disabling the `esp4`, `esp6`, and
`rxrpc` kernel modules. These actions will not negatively impact the
functionality of the OpenAFS kernel module.
The bugs disclosed today look to be more of the same issues as the
recent "Copy Fail" issues, which also affected the kernel socket buffer
management.
You keep your team working and we will keep minding the store for you.
https://www.sinenomine.net
For the technical reader these notes will explain how a team digs in.
This class of bug is related to the low level "struct sk_buff" buffer management data structures
More on EntSun News
- Tuckwell Machinery Launches New Range of Woodworking Machinery
- A Brave Little Hero with Four Paws
- Marc Yaffee Headlines Dry Bar Comedy Provo June 19 & 20
- NJT Presents Tony-winner "God of Carnage" June 11-28 at Wool Studio Theatre
- AlHaya Fashion Celebrates Community Support After a Successful Ramadan and Eid Season
The OpenAFS kernel module as designed does not have access to that layer of buffer management, rather it uses the regular socket APIs for network traffic.
We also had to consider what happens when people start implementing the several recommended remediation fixes to mitigate the problem in other software.
The recommended mitigation steps involve disabling the `esp4`, `esp6`, and
`rxrpc` kernel modules. These actions will not negatively impact the
functionality of the OpenAFS kernel module.
The bugs disclosed today look to be more of the same issues as the
recent "Copy Fail" issues, which also affected the kernel socket buffer
management.
You keep your team working and we will keep minding the store for you.
https://www.sinenomine.net
Source: Sine Nomine Associates Inc.
0 Comments
Latest on EntSun News
- Community, Conservation & Waterwise Inspiration Bloom on June 6
- Eddie Bower Recognized for Advancing Creator Education, Ownership, and Advocacy with CRM
- Industrial and systems engineers celebrate key leaders in the field at IISE Annual Conference
- Cosanostra Miami Rises as the Best Latin Nightclub in Miami in Under Two Years From its Opening
- CCHR Leader's 50-Year Fight for Psychiatric Drug Victims Gains National Momentum
- Endless Mountain Music Festival Celebrates 21st Season with America250-Inspired Lineup
- Longtime Detroit Sports Anchor Brad Galli Launches Independent Media Venture: The Brad Galli Show
- Author Releases 7-Day Screen Time Reset for Families as Teachers Worldwide Report Children "Struggling to Grasp Basic Concepts"
- Men's Health Month Begins with Record Proclamations, AP News Coverage, & National Momentum for Men's Health
- RL1 Radio Recognized as Atlanta's Leading Independent Radio Platform Following Landmark May Report
- Djamee Releases Haunting The Empty Stocking Music Video A Journey from Absence to a Purple Door
- AdvisorVault Adds Social Media Archiving to its Consolidated D3P Service
- Bolero – The Show Brings Romance, Rhythm and Latin Passion to The Plaza in Downtown Las Vegas
- Justice Holmes Disposes at North Coast Repertory Theatre
- Producer 9-0's I Kno God Kno/ EP Certified Silver by MRAA Surpassing 1 Million Verified Metrics
- UK Financial Ltd Audits Full Ethereum Architecture Verifies Corporate Wallets and 19-Token Ecosystem Ahead of CoinMarketCap Filing for Global Ranking
- New England Picture Cars Unites Six States with Authentic Regional Picture Cars
- Creative Investment Research Analysis Finds Slower GDP Growth, Rising Inflation
- London Fashion House LatexandLovers Launches Premium Wardrobe Hire Service for Industry Stylists
- New Patriotic Song "America 250" Celebrates Nation's Semiquincentennial Ahead of July 4th