An 11-year-old privilege-escalation vulnerability has been discovered in the Linux kernel, and it can affect the major distributions of the Linux operating system, including Red Hat, Debian, openSUSE, and Ubuntu.
Andrey Konovalov, a security analyst, discovered the 11-year-old Linux kernel bug (CVE-2017-6074) in the DCCP (Datagram Congestion Control Protocol) implementation using Syzkaller, a kernel fuzzing tool released by Google.
What is Fuzzing?
Fuzz testing, or fuzzing, is a black-box software testing technique that finds implementation bugs by injecting malformed or unexpected data into a program in an automated fashion.
Linux Kernel bug (CVE-2017-6074)
An exploitable vulnerability in the DCCP (Datagram Congestion Control Protocol) networking code was found, which allows a local user to execute arbitrary code within ring 0 and elevate privileges to root.
The DCCP bug could allow a local unprivileged user to alter the Linux kernel memory, enabling them to cause a system crash or to gain administrative access on the system.
The full disclosure mailing list post about the vulnerability reads: “An attacker can control what object that would be and overwrite its content with arbitrary data by using some of the kernel heap spraying techniques. If the overwritten object has any triggerable function pointers, an attacker gets to execute arbitrary code within the kernel.”
What is DCCP?
DCCP is a transport-layer protocol (like TCP and UDP) whose main aim is to solve traffic congestion issues. It keeps the packet header as small as possible and provides for the establishment, maintenance and teardown of an unreliable packet flow.
The good news is that an outsider can’t break into the system: this is not a remote code execution (RCE) bug, and an attacker needs local access to the system to exploit it.
Almost two months ago, a similar 6-year-old privilege-escalation vulnerability (CVE-2016-8655), dating to 2011, was discovered in the Linux kernel.
CVE-2016-8655 also allows an attacker to gain root privileges, in that case by exploiting the AF_PACKET implementation in the Linux kernel.
The mainline kernel has already been patched. If you have good knowledge of Linux, you can apply the patch and rebuild the kernel yourself; otherwise, wait for the kernel update from your distro provider and apply it as soon as possible after it is released.
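While a host is still waiting for the patched kernel, it helps to know whether the DCCP code is reachable at all. The following is an added example, not part of the original article: a shell function that classifies DCCP exposure from a /proc/modules listing and the modprobe configuration. It assumes DCCP is built as the loadable modules dccp, dccp_ipv4 and dccp_ipv6 rather than compiled into the kernel; the function name and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify DCCP exposure on a host that has not yet
# booted a fixed kernel.
#   $1: file in /proc/modules format
#   $2: file holding the concatenated modprobe.d configuration
# Prints one of: loaded | blocked | loadable
dccp_exposure() {
    # Any loaded dccp module means the DCCP code is reachable right now.
    if awk '$1 ~ /^dccp(_ipv4|_ipv6)?$/ { hit = 1 }
            END { exit !hit }' "$1"; then
        echo loaded
        return 0
    fi
    # "install dccp /bin/true" (or /bin/false) turns every load request
    # into a no-op. "blacklist dccp" is deliberately not counted: it only
    # makes modprobe ignore the module's aliases, so the module can still
    # be loaded explicitly or as a dependency.
    if awk '$1 == "install" && $2 == "dccp" &&
            $3 ~ /^\/(usr\/)?bin\/(true|false)$/ { hit = 1 }
            END { exit !hit }' "$2"; then
        echo blocked
        return 0
    fi
    echo loadable
}

# Constructed sample inputs so the example runs offline.
demo_dir=$(mktemp -d)
printf '%s\n' 'ext4 737280 2 - Live 0x0000000000000000' \
    'dccp_ipv4 20480 0 - Live 0x0000000000000000' \
    'dccp 73728 1 dccp_ipv4, Live 0x0000000000000000' \
    > "$demo_dir/modules.loaded"
printf '%s\n' 'ext4 737280 2 - Live 0x0000000000000000' \
    > "$demo_dir/modules.clean"
printf '%s\n' '# constructed' 'blacklist dccp' > "$demo_dir/conf.blacklist"
printf '%s\n' '# constructed' 'install dccp /bin/true' > "$demo_dir/conf.install"
: > "$demo_dir/conf.empty"

dccp_exposure "$demo_dir/modules.loaded" "$demo_dir/conf.install"
dccp_exposure "$demo_dir/modules.clean"  "$demo_dir/conf.blacklist"
dccp_exposure "$demo_dir/modules.clean"  "$demo_dir/conf.install"
```

On a real host, pass /proc/modules as the first argument and a file holding the concatenated contents of /etc/modprobe.d/*.conf as the second.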