Solved atop exploit/vulnerability maybe...

Solved issue

theLegionWithin

Well-Known Member
Joined
Dec 12, 2024
Messages
297
Reaction score
264
Credits
2,133


Coincidentally, we just had someone make a positive post about atop yesterday. That was digging up an older thread, as I recall.
 
I am atop of the world, I guess not anymore with this news.
 

It's of some interest in that it was a post from a new user and in a thread that hadn't been posted to for four years.

LOL I wonder if there's any reason why someone would be spear-phishing a user on on this site?

Actually, I'm more into coincidences than I am into conspiracies.

I find it weird that the program hasn't been updated in a while. So, if there is a problem with atop (which I do have installed) then I'd be a bit surprised to see that it has managed to survive this long without being noticed by anyone.

However, the person who is giving said warnings is a very reputable person.

So, if it's an older exploit in the code, it'd be a bit late to try using it - especially after this warning has been issued.

I think it's important to remember that Linux has security issues like these. This software is not always vetted as well as it could be and bad actors know how to infiltrate projects. As we don't have the more robust anti-virus offerings, this wouldn't even trigger the AV options we do have as there's no known signature for it. We don't have anything like heuristic analysis tools to scan entire repositories, or new code when it works its way downstream. Some Windows AV is robust and there's a chance that it'd be spotted (and stopped) based on the behavior of the application.

This doesn't mean that Linux is woefully insecure, it just means that there are entry points for bad actors. However, it's also open source, meaning someone's eventually going to look at the code. The saying is, "Many eyes make all bugs shallow." And that includes security-related bugs and bugs place there intentionally.

I'm not the type to immediately jump to the idea that something is some sort of conspiracy, but I do find it unusual that the user would reply to an old thread just a day before this comes out in the tech news. It's a weird coincidence but it doesn't make me immediately think it's some sort of grand conspiracy.

I'm not seeing much out there at HN or Slashdot.

I've been 'out of the office' for a good chunk of today, but I'll definitely keep my eyes out for more information. We'll have to see more reporting on the matter.
 
nice, thanks for that - nice to see a followup to the atop story. hopefully it'll get recoded into rust since that's clearly superior for some things
 
@theLegionWithin if you are satisfied with the answer, you could mark your thread as solved.

Wizard

Avagudweegend all
 
That is a good thing. In the linked article, there's this:​
In summary, there was a bug in atop that allowed unrelated programs to cause the atop command to fail, and to crash in more than one way. This sort of behavior should not occur and typically signals a deeper problem. This kind of unexpected behavior is the stuff of which security exploits are made. That doesn't necessarily mean this was an actual viable exploitable flaw - there's no evidence of one, so far - but it was a weird little bug, and that's a bad thing.​

If you can cause an application to crash, you get unexpected consequences and that can be a security concern,
 



Top