New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems

silversurfer

Level 72
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,139
Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory.

Discovered by Piotr Krysiuk of Symantec's Threat Hunter team, the flaws — tracked as CVE-2020-27170 and CVE-2020-27171 (CVSS scores: 5.5) — impact all Linux kernels prior to 5.11.8. Patches for the security issues were released on March 20, with Ubuntu, Debian, and Red Hat deploying fixes for the vulnerabilities in their respective Linux distributions.

While CVE-2020-27170 can be abused to reveal content from any location within the kernel memory, CVE-2020-27171 can be used to retrieve data from a 4GB range of kernel memory.
In a real-world scenario, unprivileged users could leverage these weaknesses to gain access to secrets from other users sharing the same vulnerable machine.

"The bugs could also potentially be exploited if a malicious actor was able to gain access to an exploitable machine via a prior step — such as downloading malware onto the machine to achieve remote access — this could then allow them to exploit these vulnerabilities to gain access to all user profiles on the machine," the researchers said.
 

Vasudev

Level 31
Verified
Nov 8, 2014
2,093
Top