Tag Archive: Fix


A remotely exploitable vulnerability in bash has been discovered by Stephane Chazelas. The vulnerability has the CVE identifier CVE-2014-6271 and has been given the name Shellshock by some. This affects Debian as well as other Linux distributions. The vulnerability arises from the fact that you can create environment variables with specially-crafted values before calling the Bash shell. These variables can contain code, which gets executed as soon as the shell is invoked. The name of these crafted variables does not matter, only their contents. As a result, this vulnerability is exposed in many contexts.

This issue affects all software that uses the Bash shell and parses values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.

However, there is nothing to worry about as a patch has been issued. It is recommended to install it using your system software manager.

Bash Patch

You can verify the upgrade by running the following command. You should receive “Not vulnerable”.

$env check=’Not vulnerable’ x='() { :;}; check=Vulnerable’ bash -c ‘echo $check

Read more : https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

Like most others, if you tried installing Windows 8.1 or Windows Server 2012 R2 64Bit in Oracle Virtualbox, you must have encountered the following error.

Win_VM_Error

This error occurs when the instruction CMPXCHG16B is disabled in your CPU. It is so by default in Oracle Virtualbox. The simple solution is to enable this instruction & then you should not get the error on initializing the Windows 8.1/Windows 2012 virtual machine.

To do this on your linux system first issue the following command,

$VBoxManage list vms

The above command will list all the virtual machines present. Be sure to run this command as a normal user. You won’t see a list of vm’s if the command is executed as a root. The VboxManage command is case-sensitive, keep that in mind. So make sure you use it properly as VboxManage.

Once done, copy down the vms name. In my case “Windows”.

[shuttertux@localhost ~]$ VBoxManage list vms

“Windows” {6e60906c-d449-4142-ba17-bb0424d3da3d}

Now to enable the CMPXCHG16B CPU instruction one needs to execute,

$VBoxManage setextradata “Windows” VBoxInternal/CPUM/CMPXCHG16B 1

The value ‘1’ at the end of the command enables the desired CPU instructions. Now you can go ahead successfully and install Windows 8.1/Windows 2012 64Bit in Oracle VirtualBox.

The wikipedia explains the following on CMPXCHG16B CPU instructions:

Early AMD64 processors lacked the CMPXCHG16B instruction, which is an extension of the CMPXCHG8B instruction present on most post-80486 processors. Similar to CMPXCHG8B,CMPXCHG16B allows for atomic operations on octal words. This is useful for parallel algorithms that use compare and swap on data larger than the size of a pointer, common in lock-free and wait-free algorithms. Without CMPXCHG16B one must use workarounds, such as a critical section or alternative lock-free approaches. This also prevents 64-bit Windows from having a user-mode address space larger than 8 terabytes. The 64-bit version of Windows 8.1 requires this feature.

Many have been reporting problems when installing VMware Workstation 9 on Fedora 18 64 bit machines & on other distros using the newer kernel versions – 3.8* or newer. The installer reports of missing kernel header files & prompts for the same. Installing kernel-headers package does not work. This problem isn’t related to Fedora 18 but its due to Vmware guys not updating their vmware-config-tool for the new kernel releases. Before you go ahead to rectify the problem, I advise you update your kernel & its headers.

#yum update kernel* -y

#yum install kernel-headers kernel-devel -y

Reboot the system & boot into the new kernel. Fire up a shell & issue,

#uname -r

This will output you the current booted kernel version. Copy the entire line into the clipboard.

Now create a new directory at the following path,

#mkdir -p /lib/modules/your-kernel-version-here-from-above/build/include/linux/

It should look similar to,

#mkdir -p /lib/modules/3.9.5-201.fc18.x86_64/build/include/linux/

Now we need to copy the missing .h file to the location we just created. Issue,

cp usr/include/linux/version.h /lib/modules/3.9.5-201.fc18.x86_64/build/include/linux/

Now launch Vmware 9, if it still fails have a look at the pointed log file in the error prompt.

#cat /tmp/vmware-root/vmware-modconfig-3787.log

It should mostly indicate failure to build ‘vmci’ or ‘vmblock’. This is okay & one can ignore this. Hit cancel to quit the Vmware 9. Open a shell. We will now edit the vmware configuration file & disabled the entry which ensures ‘vmci’ or vmblock’ module is built & loaded.

#vi /etc/vmware/config

Find the line

VMCI_CONFED = “no” (It will be YES, make it as ‘no’)

This will cancel building of vmci module. Same can be done for vmblock.

VMBLOCK_CONFED = “no”

Now save & quit Vi editor issuing,

ESC key + :wq! + Enter Key

Now launch VMware 9 & it should launch normally. :)

Have you encountered the following error when trying to install a package on your system?

” file /usr/lib64/audit from install of glibc-2.16-31.fc18.x86_64 conflicts with file from package audit-2.2.1-2.fc18.x86_64 “

It states a file conflict between the two mentioned packages. There is a simple way to solve this error. Simply install the audit package.

#yum install audit -y

You should not get the error anymore.

With the recent Adobe Flash Player update(11.2) in Linux, there seems to be a major color glitch in flash videos for users using Nvidia graphic cards. When viewing flash videos, a user experiences the colors being reversed/altered like you’re watching a negative slide of a film. Imagine, watching a red Ferrari in stark blue & the skin tones of humans being transformed to that of folks from the movie Avatar. Yes, its really frustrating. Updating the Nvidia drivers to the latest won’t work.

To fix this colour glitch, unfortunately one needs to disable hardware acceleration for videos. To disable hardware acceleration, open up a youtube video, right click in the video area & select settings. In the first tab(Display) itself, you should get “Enable Hardware Acceleration” option with a checkmark in the radio box. Simply uncheck this & now try playing a video. If everything goes well, you should be able to view colours accurately.

Another option is to rollback to Adobe Flash 11.1, if you prefer not to disable hardware acceleration. I hope Adobe issues an update on this soon.

Follow

Get every new post delivered to your Inbox.

Join 81 other followers

%d bloggers like this: