Unryzer.eu
  • Communities
  • Create Post
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
cm0002@lemy.lol to Linux@programming.dev · 2 个月前

Canonical Says Ubuntu Infrastructure Is Facing Cross-Border DDoS Attack

linuxiac.com

external-link
message-square
16
link
fedilink
93
external-link

Canonical Says Ubuntu Infrastructure Is Facing Cross-Border DDoS Attack

linuxiac.com

cm0002@lemy.lol to Linux@programming.dev · 2 个月前
message-square
16
link
fedilink
Canonical confirms Ubuntu web infrastructure is facing a sustained cross-border DDoS attack, causing service disruption.
alert-triangle
You must log in or # to comment.
  • ZombieCyborgFromOuterSpace@piefed.ca
    link
    fedilink
    English
    arrow-up
    26
    ·
    2 个月前

    This hatred for Snaps is getting out of hand.

    • Skyline969@piefed.ca
      link
      fedilink
      English
      arrow-up
      24
      arrow-down
      1
      ·
      2 个月前

      Ubuntu is one of the most used distros in both desktop and server environments. Take down the update servers, can’t patch CopyFail. Can’t patch CopyFail, more time to access affected systems.

      That’s my paranoid take anyway.

      • kamstrup@programming.dev
        link
        fedilink
        arrow-up
        9
        ·
        2 个月前

        Normally patches roll out before the vulnerability is disclosed. But I honestly don’t know the status on CopyFail

        • Jesus_666@lemmy.world
          link
          fedilink
          arrow-up
          7
          arrow-down
          1
          ·
          2 个月前

          Most distros delivered patched kernels well before the vulnerability was publicly disclosed. Not sure if Ubuntu did but they had ample time to do so.

          • lengau@midwest.social
            link
            fedilink
            arrow-up
            5
            ·
            2 个月前

            Not true. None of the major distros were alerted and Ubuntu, Debian, RHEL, etc. were all struggling at the last minute. See: https://infosec.exchange/@wdormann/116489443704631952

            However, none of those DDoS’s took out the archive servers, so Ubuntu users could still get new kernels.

            • Jesus_666@lemmy.world
              link
              fedilink
              arrow-up
              3
              ·
              2 个月前

              Interesting. So only the fast distros were done patching by time of disclosure. The ones you wouldn’t run a server on. Because only the kernel devs better informed. That’s… pretty amateurish from the guys who discovered CopyFail.

              • lengau@midwest.social
                link
                fedilink
                arrow-up
                5
                ·
                2 个月前

                Even then, some of the upstream LTS kernels didn’t get the patch until the 30th.

          • Successful_Try543@feddit.org
            link
            fedilink
            arrow-up
            3
            ·
            2 个月前

            Ubuntu 26.04 has already been patched, but not the older LTS releases.

            https://ubuntu.com/security/CVE-2026-31431

          • NeighborhoodNerd21@mastodon.social
            link
            fedilink
            arrow-up
            1
            ·
            2 个月前

            @Jesus_666 @kamstrup its my understanding that this actually hasn’t been patched in most distributions. The ubuntu statement says they released mitigations and disabled the kernel module affected but that patches will be released. according to a post on linkedin made yesterday and a video attached to it demonstrating the exploit on a current kali release it hasnt been fixed

        • lengau@midwest.social
          link
          fedilink
          arrow-up
          3
          ·
          2 个月前

          The people who found the vulnerability didn’t do proper coordinated disclosure. See: https://infosec.exchange/@wdormann/116489443704631952

        • Miaou@jlai.lu
          link
          fedilink
          arrow-up
          2
          ·
          2 个月前

          The Debian Bookworm fix was only rolled out last night. Bookworm was not directly affected though, so maybe that’s why it took a bit more time

      • poinck@lemmy.world
        cake
        link
        fedilink
        arrow-up
        2
        ·
        2 个月前

        I could update Ubuntu servers despite the DDoS.

        • Successful_Try543@feddit.org
          link
          fedilink
          arrow-up
          0
          ·
          2 个月前

          Does Ubuntu, like Debian, make you choose a repository mirror during the installation?

          • lengau@midwest.social
            link
            fedilink
            arrow-up
            2
            ·
            2 个月前

            Typically they use archive.ubuntu.com, which was not affected.

    • unexposedhazard@discuss.tchncs.de
      cake
      link
      fedilink
      arrow-up
      3
      ·
      2 个月前

      Add to that the recent announcement about adding AI poop to the OS.

  • Greg@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    6
    ·
    2 个月前

    Which border?

Linux@programming.dev

linux@programming.dev

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !linux@programming.dev

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

  • !linux_memes@programming.dev
  • !linuxphones@lemmy.ca
  • our Matrix group chat
  • !reactos@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 162 users / day
  • 1.18K users / week
  • 3.46K users / month
  • 10.3K users / 6 months
  • 1 local subscriber
  • 14.1K subscribers
  • 4.75K Posts
  • 38.5K Comments
  • Modlog
  • mods:
  • Ategon@programming.dev
  • adr1an@programming.dev
  • dwraf_of_ignorance@programming.dev
  • BE: 0.19.19
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org