Tutorial News Comments FAQ Related Articles

Linux kernel security serious bug issue fixed

lin

Some bug issues just refuse to leave us and come back to bite. An old local privilege escalation Linux escalation kernel CVE-2017-1000253. The Linux kernel loaded Executable and Linkable Format (ELF) executables.

The problem is now if the ELF application is built as Position Independent Executable (PIE), the loader could allow a part of application’ s data segment to map the memory area reserved for stack. This would ultimately cause memory corruption. By then, the unprivileged local user with access to Set Owner User ID (SUID) could gain higher level user privileges.

Qualys, a security company found out a way to reduce the escalation of the bug. By destroying the PIE’ s dynamic section with a stack-based string operation and did a force attacker to the dynamic linker to load and execute own shared library.

This bug is considered to be dangerous because it could give an ordinary user, super-user privileges and may cause havoc on the system. This bug was patched on April 14, 2015 and again it has reared its ugly head because it lived on in long-term support versions of Linux.

Qualys urged the Linux administrators and users to patch up and update the Linux as soon as possible.

Tags:

Author:

Comments ( 0 )

No comments available

Add a comment

Frequently asked questions ( 5 )

What’s a kernel?

The kernel inside a chip is basically an invisible process that facilitates the way apps and functions work on your computer. It has complete control over your operating system. Your PC needs to switch between user mode and kernel mode thousands of times a day, making sure instructions and data flow seamlessly and instantaneously. Here’s how The Register puts it: “Think of the kernel as God sitting on a cloud, looking down on Earth. It's there, and no normal being can see it, yet they can pray to it.”

How do I know if my PC is at risk?

Short answer: It is. There isn’t any concrete data yet, but speculation is that the bug affects all Intel x86 CPUs produced over the past 10 years, regardless of the OS you’re running or whether you have a desktop or laptop. There are some reports that say newer Intel CPUs are less impacted than older ones, but the full extent is unclear.

What is kernel memory?

The kernel is the central module of an operating system (OS). It is the part of the operating system that loads first, and it remains in main memory. ... The kernel code is usually loaded into a protected area of memory to prevent it from being overwritten by programs or other parts of the operating system.

What are the types of the kernel?

There are two types of kernels:
A microkernel, which only contains basic functionality;
A monolithic kernel, which contains many device drivers.

I use a Mac, so I’m OK, right?

Not this time. The vulnerability here affects all Intel x86 chips, so that means Macs are at risk too.

Rank

User

Points

Top Contributers

naveelansari

135850

Top Contributers

ayanbhatti

92510

Top Contributers

hamzaahmed

32150

Top Contributers

linuxhelp

31040

Top Contributers

muhammadali

24500

Can you help Luke ?

workbench for debian

I am using workbench in CentOS whereas now I need to use Debian Operating system so could you please help to install and use in Debian?