[00:54] <lotuspsychje> good morning
[00:59] <MrCollins> hello
[00:59] <lotuspsychje> hey MrCollins
[00:59] <MrCollins> hows it
[01:00] <lotuspsychje> early woken, still bit blurry
[01:00] <lotuspsychje> coffee to the rescue
[01:00] <MrCollins> I hear ya
[01:00] <MrCollins> You must be in Europe or Asia? :)
[01:00] <jeremy31> Middle Europe IIRC
[01:01] <lotuspsychje> belgium
[01:01] <MrCollins> cool.
[01:02] <MrCollins> Always wanted to visit Europe etc.
[01:02] <jeremy31> MrCollins: you should visit topyli
[01:02] <MrCollins> not trying to make this offtopic.
[01:03] <MrCollins> Croatia? im lost lol
[01:03] <jeremy31> MrCollins: Finland
[01:03] <MrCollins> I would like to!
[01:04] <MrCollins> I am American but of mainly Irish descent. Maybe thats why, when the rare occasion presents itself, I drink half the bar!
[01:04] <lotuspsychje> scandinavian countrys are nice, great gov and highspeed internet
[01:05] <MrCollins> My grandfather visited France in 1944 :) Thats the last of us to have been across the pond.
[01:05] <MrCollins> I digress
[01:05] <daftykins> sacré bleu
[01:05] <MrCollins> to the rules hehe
[07:36] <ducasse> good morning
=== akem__ is now known as akem
[17:41] <TJ-> ouch! just discovered a remotely exploitable kernel/DRI/GEM bug with a CVE from 2015 that hasn't been fixed
[17:41] <TJ-> sorry, from 2013 !
[17:41] <daftykins> :o
[17:41] <tomreyn> uh
[17:41] <TJ-> CVE-2013-7445
[17:42] <daftykins> fossa kernel?
[17:42] <TJ-> https://ubuntu.com/security/CVE-2013-7445 which, via links, eventually leads via https://bugs.freedesktop.org/show_bug.cgi?id=106136  to https://gitlab.freedesktop.org/drm/intel/-/issues/110
[17:42] <ubot5> Freedesktop bug 106136 in DRM/Intel "per-process/context memory usage accounting for i915" [Enhancement,Resolved: moved]
[17:42] <TJ-> 7 months ago: "As there is no activity, closing this issue."
[17:43] <TJ-> basically; a crafted web page can cause a browser to consume all memory via allocating multiple CANVAS elements which consume GEM objects which are not accounted for
[17:49] <leftyfb> CVE's shouldn't be allowed to "As there is no activity, closing this issue." without a fix being released
[17:50] <TJ-> I only came across by tracing some vulnerabilities reported by debsecan, due to BugHunter1000's comments in #ubuntu earlier
[17:51] <tomreyn> this must be the first time bugzie did something useful.
[17:53] <tomreyn> i'm glad you spotted this, and am wondering how many other cve's are in deferred state because upstream moved bugtrackers or considered bugs stale.
[17:53] <TJ-> the SUSE security team say it's too complex to fix, so left alone
[17:53] <TJ-> but upstream should really be on something like this like flies on a ...!
[17:53] <tomreyn> if this is 'just' a dos issue on desktops then maybe it's not that bad.
[17:54] <tomreyn> yes :-/
[17:54] <TJ-> it's not - there's a comment about servers running video pipelines being affected too
[17:54] <TJ-> I think I'll bring it up in -hardened
[17:55] <leftyfb> tomreyn: is that really bugzie?
[17:55] <tomreyn> leftyfb: i do not know, i just notice behavorial similarities. ;)
[17:57] <tomreyn> leftyfb: actually, no, probably not.
[17:59] <tomreyn> this person has a much higher level of understanding of what they're talking about (not ubuntu specifically, but security, linux in general). so i jumped to conclusions, sorry.
[18:00] <TJ-> BugHunter1000 was wrong about there being lots of outstanding vulns - they didn't do even basic background checks of the CVEs/packages reported by debscan as I have
[18:04] <tomreyn> yes, that's what made me think it may be him initally
[18:06] <TJ-> I don't have time to develop a simple proof/exploit right now - working towards an important deadline tomorrow on something else. Anyone here fancy trying to create one? Looks like it *might* only need a simlpe HTML page with a looping Javascript creating and drawing into multiple canvas elements (so the backing pages are dirty) and not releasing/freeing them
[18:10] <tomreyn> my javascript skills are lacking. maybe this can be a start: https://codepen.io/2toria/pen/BipvF
[18:35] <TJ-> anyone with less than 32GB RAM can test my demo (ensure you've not got anything important running!)
[18:37] <tomreyn> TJ-: where can i find that? i've got an intel grapjhics laptop running ubuntu 18.04 (i think, haven't used it in a while) with 8 ? GB RAM.
[18:37] <TJ-> I've got it created 1920x1080 canvas every second; for up to 1000 iterations - might need to do more and reduce the delay to trigger it earlier
[18:37] <TJ-> tomreyn: I'll send a link privately
[18:40] <tomreyn> thanks, got it. i'll need to update it first of all, will take a while.
[18:40] <TJ-> tomreyn: I need to head home now for dinner; will be back on later
[18:40] <tomreyn> ok
[18:41] <tomreyn> i'll be around for some more hours
[18:41] <TJ-> tomreyn: reduce the sleep to 10 and increase the loop iterations to 99999999 - and in a terminal do "watch -n 1 free"
[18:42] <TJ-> I'm feeling like posting a Hacker News item on this to ensure it gets eyeballs on it!
[18:42]  * TJ- zooms off
[18:49] <tomreyn> geez, 2 GB upgrades
[18:51] <daftykins> what for?
[19:14] <tomreyn> 18.04, i just didn't have this system running for a good while ;)
[19:19] <TJ-> and back!
[19:24] <tomreyn> TJ-: wb. just started it up
[19:24] <tomreyn> ram is going down
[19:25] <TJ-> thanks. wondering if I should adapt so the current iteration number is drawn inside the new canvas so we can see how far its got especially id/when it starts to die
[19:25] <tomreyn> i should probably have diusabled swap
[19:26] <tomreyn> a larger memory allocation poer cycle would be good
[19:26] <TJ-> "sudo swapoff" ?
[19:27] <tomreyn> yes, next run i'll do that
[19:28] <TJ-> also may need to randomise the colour and alpha so as to avoid any possible samepage merging
[19:31] <tomreyn> TJ-: it's surviving, though
[19:32] <tomreyn> available mem never gets entirely depleted, i guess it does GC still
[19:32] <tomreyn> i'll try without swap
[19:32] <TJ-> tomreyn: not sure if this is the way to trigger it; didn't see any exploit examples so may need to experiment somewhat
[19:37] <tomreyn> firefox's about:performance says the POC tab only consumes 2.1 MB RAM, so obviously the memory is consumed elsewhere
[19:38] <tomreyn> top says reserved memory allocation on the firefox container the tab runs in is constantly growing though
[19:42] <tomreyn> "Gah, your tab just crashed." :)
[19:44] <sarnold> check slabtop while running it
[19:47] <tomreyn> too late, system sully loaded, can't do anything
[19:47] <tomreyn> *fully
[19:47] <sarnold> oops
[19:47] <sarnold> well, *next* time you run it.. :)
[19:48] <tomreyn> geez this thing went hot
[19:48] <tomreyn> i guess the fans must be dusty
[19:49] <tomreyn> anyways, i guess it works then, tj
[19:49] <tomreyn> now i got to have food, bbl
[19:53] <TJ-> tomreyn: there's a new version available at the original URL; with this you can set the iteration and delay_ms at top of the HTML
[19:53] <TJ-> sarnold: you want to test this too?
[19:53] <sarnold> TJ-: nope :)
[19:54] <sarnold> TJ-: I already had my fill of i915 memory allocation problems this year
[19:54] <TJ-> I've brought my 32GB Ryzen to a stop!
[19:54] <TJ-> sarnold: this is across all GPUs
[19:56] <sarnold> oh fun
[19:58] <TJ-> around 200 iterations and it was making this Zen2 Ryzen laptop with 32GB sluggish
[19:58] <Ussat> People still use firefox ?
[19:59] <TJ-> Ussat: that is a snide remark
[20:00] <daftykins> i'll always consider it my primary
[20:00] <daftykins> Ussat: this isn't the first time that you've made unhelpful remarks
[20:01] <Ussat> 1) it was a question, and 2) was an honest question
[20:01] <Ussat> so....keep YOUR snide remarks out
[20:01] <Ussat> a remark is different from a question
[20:02] <TJ-> Just like me saying that intelligent people use Firefox
[20:02] <Ussat> That is a remark, I asked a question
[20:02] <daftykins> it's quite obvious that you're being dishonest - and trying to stir up conflict with that reply even, on ignore you go
[20:03] <TJ-> Now to test and measure this on a range of browsers
[20:03] <Ussat> OH noes....ignore
[20:03] <sarnold> Ussat: oh heck yeah, chromium-browser never felt like 'linux'. granted firefox is getting further and further away from that feeling :(
[20:04] <Ussat> I switched all my browsers to Chrome
[20:04] <sarnold> Ussat: it used to be that firefox could be made to handle ^W and ^U like vim / emacs / bash etc but they took that away from me a while ago..
[20:04] <sarnold> middle-click paste was a big one
[20:04] <sarnold> does chromium-browser navigate to an url on middle-click paste?
[20:05] <TJ-> chromium/chrome/blink are becoming the new Internet Explorer
[20:05] <Ussat> Not sure what you mean by chromium-browser......I guess thats the chrome upstream ? and yes
[20:05] <Ussat> its configureable
[20:06] <sarnold> hmm I may need to give it another look
[20:07] <sarnold> pentadactyl used to be reason enough to stick with firefox, but the webmumble things that replaced the old plugin interface just aren't as good
[20:08] <Ussat> I like chrome because it seemlessly syncs across all my systems, devices
[20:09] <TJ-> most browsers do I think
[20:09] <TJ-> certainly Firefox does
[20:10] <Ussat> Firefox does not sync browsing history, or open tabs
[20:11] <TJ-> Yes it does
[20:12] <Ussat> Not from what I have seen, but its doesnt matter, I prefer Chrome, one of the reasons is the many usefull plugins
[20:13] <TJ-> https://support.mozilla.org/en-US/kb/view-synced-tabs-other-devices
[20:13] <Ussat> Again, the main reason is the extensions I use
[20:19] <sarnold> heh, that sounds like my firefox use.. tridactyl, noscript, privacybadger, open in browser
[20:20] <Ussat> Eventually, I imagine I will migrate away from chrome to the new MS Edge, since its so much better on my battery on my Surface Pro 7
[20:21] <daftykins> lol
[20:22] <Ussat> OH...I thought you had me on ignore.....
[20:22] <Ussat> I was so upset when you said that
[20:23] <Ussat> I mean the new Edge is basically Chrome, so...why not ?
[22:43] <tomreyn> hey small-data, how are you?
[22:44] <small-data> tomreyn: never better! you??
[22:45] <tomreyn> good, thanks. but i really just wondered whether you're human. ;)
[22:45] <small-data> haha, that depends on who you talk to
[22:46] <tomreyn> i hadn't seen you talk before, just joingn more ubuntu channels, was wondering
[22:46] <tomreyn> and then there was the nickname. ;-) ok, time to dig a hole in the ground to dig this conspiracy theory in.
[22:47] <small-data> was looking for help with a problem, tried a couple other channels just to see what was up.
[22:47] <small-data> ha, no worries. ttyl, need to reboot now and see if I can make any progress.
[22:47] <tomreyn> good luck.
[22:52] <jeremy31> Should ask them what Distro they use?
[22:53] <sarnold> he's here because the recent grub update to ubuntu pointed out problems in his firmware, so it's probably ubuntu
[22:53] <jeremy31> sarnold: I saw them post the same thing on #linuxmint-help yesterday
[22:53] <sarnold> jeremy31: lol
[22:53] <sarnold> I thought mint didn't bother passing along updates?
[22:54] <jeremy31> sarnold: That changed, they used to hold back kernel and firmware updates
[22:55] <daftykins> i thought there was doubt over the timely release of security updates?
[22:57] <jeremy31> Mint still uses Ubuntu repos for 90+% of packages
[22:59] <jeremy31> aldcor was on #linuxmint-help asking the same question as in #ubuntu.  I gave him some advise on #linuxmint-help about questions in #ubuntu