According to ElReg, the discoverer is going to be posting a disclosure
and proof-of-concept exploit tonight at 20:00 UTC:

https://www.theregister.com/2024/09/26/unauthenticated_rce_bug_linux/


On Thu, 2024-09-26 at 06:03 -0400, Jeremy Phelps via Dng wrote:
> This guy who claims to have insider knowledge makes it sound like a
> problem in the kernel network stack:
> https://slashdot.org/comments.pl?sid=23466721&cid=64817845
>
> On Thu, Sep 26, 2024, 04:26 the pterodactyl <iam@???> wrote:
> > From Slashdot.org:
> >
> > ------------
> >
> > Critical Unauthenticated RCE Flaw Impacts All GNU/Linux Systems
> >
> > Posted by BeauHD on 2024-09-25 20:00 from the not-a-good-look dept.
> >
> > "Looks like there's a storm brewing, and it's not good news,"
> > writes ancient Slashdot reader jd. "Whether or not the bugs are
> > classically security defects or not, this is extremely bad PR for
> > the Linux and Open Source community. It's not clear from the
> > article whether this affects other Open Source projects, such as
> > FreeBSD." From a report:
> >
> > A critical unauthenticated Remote Code Execution (RCE)
> > vulnerability has been discovered, impacting all GNU/Linux systems.
> > As per agreements with developers, the flaw, which has existed for
> > over a decade, will be fully disclosed in less than two weeks.
> > Despite the severity of the issue, no Common Vulnerabilities and
> > Exposures (CVE) identifiers have been assigned yet, although
> > experts suggest there should be at least three to six. Leading
> > Linux distributors such as Canonical and RedHat have confirmed the
> > flaw's severity, rating it 9.9 out of 10. This indicates the
> > potential for catastrophic damage if exploited. However, despite
> > this acknowledgment, no working fix is still available. Developers
> > remain embroiled in debates over whether some aspects of the
> > vulnerability impact security.
> >
> > ----------
> >
> > Howdy Devuaners,
> >
> > Can someone "in the know" please tell us what this is about and
> > whether we all
> > should start a re-install movie en masse?  I saw an anonymous post
> > (that I
> > *hate* to mention, lest a rumour spread and besmirch a fine,
> > respected,
> > and venerable program) that it is CUPS, and that seems reasonable,
> > given that
> > CUPS has been part of GNU/Linux for so long.  But I have disabled
> > the two (2)
> > services jic.  Sayagain:  Only an unsubstantiated rumour in a time
> > of
> > crisis.  Discretion pls.
> >
> > Just between you, me, and the dear lord, I really, really hope the
> > vulnerability is in systemd.  That would tickle me pink.  (grin)
> >
> > Thanking you for all your kind work,
> >
> > --
> > Q:      Why do mountain climbers rope themselves together?
> > A:      To prevent the sensible ones from going home.
> > _______________________________________________
> > Dng mailing list
> > Dng@???
> > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng