Another Linux kernel vulnerability has been discovered that affects a number of Linux distributions, including Red Hat, Debian, Fedora, OpenSUSE, and Ubuntu.
The vulnerability (CVE-2017-2636) was introduced on June 22, 2009, and has existed for the past 7 years.
Positive Technologies researcher Alexander Popov discovered the flaw in N_HDLC, the Linux kernel's High-Level Data Link Control module, which allows a local unprivileged user to gain root privileges on the affected system or to crash it (denial of service).
Double Free Vulnerability
A “double free” is a common memory corruption vulnerability that occurs when an application releases the same memory location twice by calling free() on the same allocated memory.
According to Positive Technologies, it is hard to say whether the vulnerability has been actively exploited in the wild.
“The vulnerability is old, so it is widespread across Linux workstations and servers,” says Popov. “To automatically load the flawed module, an attacker needs only unprivileged user rights. Additionally, the exploit doesn’t require any special hardware.”
Popov detected the vulnerability using the syzkaller fuzzer, which is a security auditing tool developed by Google.
The researcher reported the bug to kernel.org on February 28, 2017, along with a patch to fix it and an exploit prototype.
The vulnerability is already patched, and the security details were published on March 7, 2017, so users are urged to install the latest security update as soon as possible.
If a user is unable to install the latest security update, the researcher advised blocking the flawed N_HDLC module.
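One way to check that the module is actually blocked on a host, as an added example that is not part of the original article or the researcher's advisory. It assumes blocking is done with a modprobe.d `install` override; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report whether n_hdlc is loaded and whether modprobe is
# configured to refuse loading it. File and directory arguments default to
# the live system so the same functions can be pointed at test fixtures.

# Returns 0 if n_hdlc is listed in a /proc/modules-style file.
hdlc_loaded() {
    grep -q '^n_hdlc ' "${1:-/proc/modules}" 2>/dev/null
}

# Prints the strongest rule found in a modprobe.d-style directory:
#   install   - "install n_hdlc /bin/true" (or /bin/false): modprobe runs
#               the dummy command instead of loading the module
#   blacklist - "blacklist n_hdlc": only the module's aliases are ignored,
#               loading it by name still works
#   none      - no rule for n_hdlc
# modprobe treats '_' and '-' in module names as equivalent, so both match.
hdlc_block_state() {
    dir="${1:-/etc/modprobe.d}"
    state=none
    for f in "$dir"/*.conf; do
        [ -f "$f" ] || continue
        if grep -Eq '^[[:space:]]*install[[:space:]]+n[_-]hdlc[[:space:]]+(/usr)?/bin/(true|false)([[:space:]]|$)' "$f"; then
            state=install
            break
        elif grep -Eq '^[[:space:]]*blacklist[[:space:]]+n[_-]hdlc([[:space:]]|$)' "$f"; then
            state=blacklist
        fi
    done
    echo "$state"
}

# One-line verdict combining both checks.
hdlc_audit() {
    block=$(hdlc_block_state "$2")
    if hdlc_loaded "$1"; then
        echo "EXPOSED: n_hdlc is loaded (block rule: $block)"
    elif [ "$block" = install ]; then
        echo "BLOCKED: n_hdlc not loaded, install override present"
    else
        echo "AT RISK: n_hdlc not loaded but still loadable (block rule: $block)"
    fi
}

hdlc_audit /proc/modules /etc/modprobe.d
```

A rule in modprobe.d does not unload a module that is already loaded, which is why a loaded module is reported as exposed regardless of the rule found.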