Re: [qubes-users] Re: QSB-089: Qrexec: Memory corruption in service request handling
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Thu, May 11, 2023 at 11:00:41PM -0700, Vít Šesták wrote: > If the process is not reused, just an update without restarting anything is > enough, isn't it? (This wouldn't be the case if the process was forking > from a zygote.) The process forks for each request, so one will need to kill all currently-running qrexec-daemon processes to be protected from this vulnerability. The simplest way to do this is to reboot all domUs. - -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEdodNnxM2uiJZBxxxsoi1X/+cIsEFAmRffrwACgkQsoi1X/+c IsE+aBAAyAIS9c03+E6KQJAuKBwoa02szKGHbqUHHUtUCX1t961jXCq8Li/MC14e qEUBrZdniIgvcszPLJ4SDH1nIVCovimUu4a1Z+gN/ofvTrxcAH+kSzxth30aIIuE foh4LGFEZLZVng72X002917lDquw0hs0BaMBKzP/JhKAAlpkDIivEbCn7vOvztET hSCRK4mBhfur1gSogkPF69vJnOfoq4FFz2GIsBaWfDF6j0hfmddUbk+mU2f5ooH/ mg7AUFCfltR7GO7swHksFX+S7p+tI/L6VfoxARFjarHZ4f4PYEEXrV/LQXusL60x /oPDOap8AlmPksjC/OITLRCV11jACjeQCIUX2r9pE8KioXmElrNsKKKMAKjf6FSr fy3ylxX3o1cdX1DhHDpbVtv8GM/6nXPfSDg2sbF3AmMTHh1kfOx5GWp32F+BBL3a pI3AuJbXMirrXRVNIDRsdxQ8v+TwEK0jRaI5Z/IbL2kClMODgwBHuZZ8l1xFTFXG xVfWbrbLvhJC9qupoWTKJKIyjmlisF9Q8vQZm2KURgQ0/qO5oesGf8X+XdkynCqO VTjZvxN/UpvAmxvbQB9YxCwO6hAhvdPLNz70uE8C8PDiMWS3VM2iAAoRLSb7CqTz kmkAXkC4M7Y9wKthgY20I4ZFOc2dvvdoV5uXPMG75La0lOQoG0A= =dX/W -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ZF9%2BugKzSKnf6Ah%2B%40itl-email.
Re: [qubes-users] Re: QSB-089: Qrexec: Memory corruption in service request handling
On 5/11/23 11:00 PM, Vít Šesták wrote: > If the process is not reused, just an update without restarting anything is > enough, isn't it? (This wouldn't be the case if the process was forking > from a zygote.) Marek has previously told me that only Xen and Kernel updates require a reboot. FWIW, `needs-restarting -r` also didn't detect anything requiring a restart. > After the update, I got a shower of notifications “Failed to execute > qubes.WindowIconUdater (from to dom0)”, probably for each > running domU qube. Same. > But this looks like a temporary issue, as QRPc seems to > continue working, either for newly launched qubes and for qubes launched > before update. I haven't noticed any unusual behavior either. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6b3d8443-454f-045c-dcec-4156d34c96bd%40qubes-os.org.
[qubes-users] Re: QSB-089: Qrexec: Memory corruption in service request handling
If the process is not reused, just an update without restarting anything is enough, isn't it? (This wouldn't be the case if the process was forking from a zygote.) After the update, I got a shower of notifications “Failed to execute qubes.WindowIconUdater (from to dom0)”, probably for each running domU qube. But this looks like a temporary issue, as QRPc seems to continue working, either for newly launched qubes and for qubes launched before update. Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/58ee4c42-1d8a-437e-b28e-7efb8758185bn%40googlegroups.com.