Patch Available for Linux Kernel Privilege Escalation

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
The Linux kernel team has released a patch to fix a security bug that could allow an attacker to execute code with elevated privileges.

The issue — tracked as CVE-2017-15265 — is a use-after-free memory corruption issue that affects ALSA (Advanced Linux Sound Architecture), a software framework included in the Linux kernel that provides an API for sound card drivers.

In layman's terms, the bug takes place because the kernel ALSA code allowed an attacker to call a function, delete its output, but still use the output in another function. This is known as a user-after-free vulnerability, a known attack vector, and a common memory management issue.

ALSA developers provide an in-depth explanation for the bug and patch in the ALSA mailing list. Venustech ADLab (Active-Defense Lab) researchers discovered the bug.

Bug requires local access but provides root access
There are good news and bad news. The good news is that the attacker needs a foothold on a vulnerable machine.

This requires infecting the user through malware or other tactics. The bad news is that the attacker can use the ALSA kernel flaw to elevate access from a limited user account to root privileges.

The Linux kernel team has fixed the issue in v4.13.4-2, and the patch is currently trickling down to the multitude of Linux distros, such as Red Hat, Debian, Ubuntu, Suse, and others.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top