dirty frag and cut and fail and instructure ransom?

brent

busy May? Or another day at the office?

The two linux exploits came 8 days apart by I believe kernel injection with broad ability to grant itself sudo permissions for everything.

14 articles later I know even less: like what are the implications? if they succeeded? who did it as far as actors? why?--I see no speculation.

Instructure, which affected my business and nearly every college on the planet (using canvas) held for ransom the PII (personally identifiable information) of 275 million students, staff, and faculty…which seemed like a small haul for a global platform. A global platform that had to shut down 1.5 days during finals week…

Instructure has nothing to do with Linux but the two quick exploits did.

What do y'all think of the two successive linux exploits? they were caught so fast and easy I don't know what the actor's aims were.

Harvey

Its a bug... Why did you jump to bad actors? The worst you could say is that the second CVE was not disclosed responsibly. People were already working on fixing it and someone else seemed to have either broken embargo or discovered the exact same exploit unrelated to that work and wrote white paper on it.

The CVE is severe but required someone to have shell access to exploit. So you not only needed the exploit to exist but to have a bad actor with access to your system to use it to elevate privileges (EDIT: Or a useful idiot to download something and run it).

brent

Harvey People were already working on fixing it and someone else seemed to have either broken embargo or discovered the exact same exploit unrelated to that work and wrote white paper on it.

embargo was a word I tossed around a lot in these articles. like a chain of custody thing i gather

Harvey So you not only needed the exploit to exist but to have a bad actor with access to your system to use it to elevate privileges (EDIT: Or a useful idiot to download something and run it).

ok that is clearer than 14 articles 🙂

Harvey

brent embargo was a word I tossed around a lot in these articles. like a chain of custody thing i gather

Embargo:

Verb Forms

embargo something to officially ban trade with another country synonym boycott
There have been calls to embargo all arms shipments to the region.

[usually passive] to officially ban publication of something
be embargoed (for something) The report is strictly embargoed for publication until Friday.

It is frequently used outside of the official governmental usage to describe holding something back until an agreed date. Such as having an embargo date for video game reviews, making a product available for sale or in this case do not talk about CVE for x days so we can get fixes out before people start exploiting it.

brent

Harvey or in this case do not talk about CVE for x days so we can get fixes out before people start exploiting it.

starting to understand the sequence of events. appreciate your insight.