LAN 292: Linux Action News 292

• Air Date: 2023-05-11
• Duration: 13 mins 5 secs

About this episode

We get you up to speed on two serious flaws, Linux's recent gaming loss, Ubuntu doubling down on RISC-V, and news from the Open Source Summit North America.

Your hosts

• Chris Fisher
• Wes Payne

Sponsored by

• Kolide: Kolide can help you nail third-party audits and internal compliance goals with endpoint security for your entire fleet.
• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.

Episode links

• CVE - CVE-2023-28410 — Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
• INTEL-SA-00886
• Intel Security Center
• New NetFilter flaw gives attackers root privileges — A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system.
• NVD - CVE-2023-32233
• Goodbye to Roblox on Linux — I’m sorry to be such a downer about this, but it’s the reality. We have to spend our time porting to and supporting the platforms that will grow our community.
• Proper support for the Linux platform - Feature Requests
• Ubuntu 23.04 Now Works on StarFive’s VisionFive 2 RISC-V SBC — ”This partnership will provide users with a seamless development experience, allowing them to leverage the best of open source software and RISC-V through Ubuntu and VisionFive 2.”
• Canonical enables Ubuntu on StarFive’s VisionFive 2 RISC-V single board computer
• Open Source Summit North America — Open Source Summit is a conference umbrella, composed of a collection of events covering the most important technologies, topics, and issues affecting open source today.
• AWS open-sources snapshot fuzzing and policy authorization tools
• Schedule - Linux Foundation Events
• The Linux Foundation on Twitter

Tags

announcements, anti-cheat, apple, attendance, authenticated user, aws, canonical, corrupt batch requests, cve-2023-28410, cve-2023-32233, embedded open-source summit, escalation of privilege, financial strain, fragmentation, google, i915 linux kernel graphics driver, intel, intel linux graphics driver vulnerability, intel security center, jh7110, kernel 6.2.10, linux action news, linux foundation, linux gaming, linux news podcast, local privilege escalation, memory buffer, netfilter flaw, netfilter nf_tables, open source developers, open source summit north america, policy authorization tools, proof-of-concept code, risc-v sbc, roblox, root privileges, snapshot fuzzing, starfive, sustainable ecosystem, system takeover, ubuntu 23.04, valve, visionfive 2, wine