SegmentSmack Kernel Bug Discovered, Android 9 Pie Now Available, Google’s August Security Bulletin for Android, Kernel 4.19 to Get STACKLEAK Feature and GNOME Releases Keysign 0.9.8

News briefs for August 7, 2018.

Security researchers have discovered a bug in kernel 4.9 called
SegmentSmack. Red Hat comments that “a remote attacker could use this flaw
to trigger time and calculation expensive calls to tcp_collapse_ofo_queue()
and tcp_prune_ofo_queue() functions by sending specially modified packets
within ongoing TCP sessions which could lead to a CPU saturation and hence
a denial of service on the system”. There’s no known workaround other than
a fixed kernel at this time. See also the story on ZDNet for more
information.

Android 9 “Pie” was
released yesterday. Android 9 uses AI to help it adapt to your preferences
as you use it. Other new features include an adaptive battery, gesture
navigation and tools to help you see how much time you’re spending on your
phone.

Google also released its August security bulletin for Android yesterday,
and the most severe issue “is a critical vulnerability that could enable a
remote attacker using a specially crafted file to execute arbitrary code
within the context of a privileged process”.

The upcoming 4.19 kernel will be getting the STACKLEAK feature, Phoronix
reports. STACKLEAK provides further security as it “wipes out
the kernel stack before returning from system calls. By clearing the kernel
stack, it reduces possible leakage and can block some possible attack
vectors, including stack clash attacks and uninitialized stack variable
attacks.”

GNOME Keysign 0.9.8 has been released. This update fixes several bugs and
now includes Bluetooth support so you can exchange keys without a network
connection. The app is also now on Flathub, and you can install it from there.

Source: Linux Journal