2 Comments
Tomi Engdahl says:
Code Execution Flaw Affected Linux Kernel Since 2005
http://www.securityweek.com/code-execution-flaw-affected-linux-kernel-2005
A researcher has discovered a serious locally exploitable vulnerability that appears to have been around in the Linux kernel for more than 11 years. The flaw has been addressed in the kernel and Linux distributions are working on releasing patches.
The weakness, a double-free vulnerability tracked as CVE-2017-6074, was discovered by Google software engineering intern Andrey Konovalov using syzkaller, an open source Linux fuzzer developed by the tech giant.
The flaw affects the Datagram Congestion Control Protocol (DCCP) implementation for Linux since the release of version 2.6.14 in October 2005. In fact, this was the first kernel version to include support for DCCP.
“A flaw was found in the Linux kernel’s implementation of the DCCP protocol in which a local user could create influence timing in which a [socket buffer] could be used after it had been freed by the kernel,” explained Gentoo developer Thomas Deutschmann. “An attacker who is able to craft structures allocated in this free memory will be able to create memory corruption, privilege escalation or crash the system.”
The vulnerability was reported to Linux kernel developers on February 15 and a fix was released within two days.
Tomi Engdahl says:
A hole over 10 years old was patched in Linux
As always, Linux developers patched the vulnerability quickly. The fix was completed on Friday and was released right away. The fix is also rolling out to the various Linux distributions on differing schedules.
The vulnerability has been assigned the identifier CVE-2017-6074. It is a locally exploitable hole through which arbitrary code can be run in the kernel. This can give an attacker root-level privileges.
Source: http://www.etn.fi/index.php/72-ecf/5928-linuxista-paikattiin-yli-10-vuotta-vanha-reika