Security question

Since IPfire uses 6.1x kernal does the cve-20223-32233 applie? If so what can be done ?

Hallo @dan786

Welcome to the IPFire community.

A patch for that CVE has been merged into the next branch

https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=cb73ca19a6152689e130502a6d28fec5145ef288

and will be released in Core Update 175.

Reading through the advisory it looks like this flaw requires the attacker to have local access to the IPFire machine as an unprivileged user that can use the flaw to escalate their privileges to that of the root user.

So my non-expert view is that for a default system that only has root as a local login user I would believe the likelihood of the attack being able to affect IPFire systems is probably low.

5 Likes

I think, a IPFire system used in default manner is threatened with a low probability.
With ‘default manner’ I mean:

  • secure acess to the root account; only trusted persons ( ideally one administrator ) know the root password / own the key for shell access
  • installation of software by pakfire only; the modules are revised and checked by a small group of developers, no insecure modules shold be installed.