Thoughts On 'SLUBStick' (Not a Severe Bug, Helps Distract From Lawsuits Against Microsoft Over Clownstrike Fiasco)
Clownstrike-gate showed Windows TCO of about 10 billion dollars (just for this one incident, not counting suffering to airline passengers and many dead patients, denied access to healthcare)
Yesterday we saw a lot of "Linux" news about SLUBStick. What is SLUBStick anyway, excerpt a catchy name?
An associate explains:
"SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks within the Linux Kernel | USENIX"https://www.usenix.org/conference/usenixsecurity24/presentation/maar-slubstick
much of the rebuttal is in the summary there,
https://www.stefangast.eu/papers/slubstick.pdf
"While the number of vulnerabilities in the Linux kernel has increased significantly in recent years..."
[...] maybe tie that to the increased number of Microsoft contributed code patches and imply or at least raise the question of a correlation.
Their paper does not raise the topic of mitigation techniques.
The main point though is that the exploit requires local access first.
The idea of combining or chaining attacks is not novel but age old.
As usual, whatever else it may be, the amplified noise is a distraction.
Layoffs are one thing Microsoft wishes to draw attention to. CrowdStrike is another.
Here is a third:
https://www.theregister.com/2024/08/06/bad_apps_bypass_windows_security
This is from yesterday and far more severe than the thing with a catchy name.
Maybe the media should pay more attention to this, and the Microsoft lawsuits as well, not some low-risk (hard to exploit; need local account and active/live session) thing in "Linux". █