Researcher finds 5 privilege escalation vulnerabilities in Linux kernel


A researcher at Positive Technologies found five similar vulnerabilities in the kernel of Linux operating systems that can allow an attacker to escalate local privileges on a victim's network.

The flaws, uncovered by security researcher Alexander Popov, could enable an attacker to steal data, run administrative commands or install malware on operating systems or server applications. Popov successfully tested an exploit of one of the vulnerabilities on Fedora Server 33, and notified the Linux Foundation, a nonprofit consortium created to standardize support for the open-source Linux operating system, and other parties via email on February 5.

“Hello! Let me tell you about the Linux kernel vulnerabilities that I have discovered in AF_VSOCK implementation. I managed to exploit one of them for a local privilege escalation on Fedora Server 33 for x86_64, bypassing SMEP and SMAP,” Popov wrote to the group, adding that he planned to share more details about the exploit techniques with them “later.”

Popov said in the email that he had already developed a patch and followed responsible disclosure guidelines throughout the process. He submitted his findings to the National Institute of Standards and Technology's National Vulnerability Database, which catalogued them as CVE-2021-26708.

The vulnerabilities received a severity score of 7 out of 10 under the Common Vulnerability Scoring System. According to Popov, the vulnerabilities are race conditions in kernel modules that are present in all major GNU/Linux distributions and load automatically when a socket is created for the AF_VSOCK domain, which is intended for communication between guest virtual machines and their host.
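Because the affected modules load on demand, a host can be exposed even when nothing on it uses AF_VSOCK. The following added example (not from Popov's advisory or the original article) classifies a host from the text of `/proc/modules` and its modprobe configuration; it assumes the core module is named `vsock`, that transport modules carry `vsock` in their names, and the sample inputs are constructed.

```python
# Added example. Assumption: the core module is named "vsock" and the
# transport modules contain "vsock" in their names.
NOOP = {"/bin/false", "/bin/true", "/usr/bin/false", "/usr/bin/true"}


def loaded_vsock_modules(proc_modules):
    """Names of loaded vsock-related modules, given /proc/modules text."""
    names = (line.split()[0] for line in proc_modules.splitlines() if line.strip())
    return sorted(n for n in names if "vsock" in n)


def load_policy(modprobe_conf):
    """Classify modprobe.d text: install-disabled, blacklisted or autoloadable."""
    policy = "autoloadable"
    for raw in modprobe_conf.splitlines():
        words = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if len(words) >= 3 and words[:2] == ["install", "vsock"] and words[2] in NOOP:
            return "install-disabled"  # every load attempt runs a no-op instead
        if words == ["blacklist", "vsock"]:
            policy = "blacklisted"  # weaker: only alias-based loading is ignored
    return policy


def assess(proc_modules, modprobe_conf):
    """Combine the loaded-module list and the load policy into one status."""
    loaded = loaded_vsock_modules(proc_modules)
    policy = load_policy(modprobe_conf)
    if loaded:
        status = "loaded"
    elif policy == "autoloadable":
        status = "not loaded, loads on demand"
    else:
        status = "not loaded, " + policy
    return {"loaded": loaded, "policy": policy, "status": status}


# Constructed sample inputs, not captured from a real host.
SAMPLE_PROC_MODULES = """\
vsock_loopback 16384 0 - Live 0x0000000000000000
vmw_vsock_virtio_transport_common 40960 1 vsock_loopback, Live 0x0000000000000000
vsock 45056 2 vsock_loopback,vmw_vsock_virtio_transport_common, Live 0x0000000000000000
ext4 806912 1 - Live 0x0000000000000000
"""
SAMPLE_MODPROBE = "# constructed hardening rule\ninstall vsock /bin/false\n"

if __name__ == "__main__":
    print(assess(SAMPLE_PROC_MODULES, ""))
    print(assess("ext4 806912 1 - Live 0x0000000000000000\n", SAMPLE_MODPROBE))
```

On a real host, pass in the contents of `/proc/modules` and the concatenated files under `/etc/modprobe.d/`. A status of "loaded" or "not loaded, loads on demand" on an unpatched kernel means the vulnerable code is reachable by local users.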

Privilege escalation vulnerabilities are considered particularly dangerous because of the level of control they can give an attacker inside a victim network. In a recent report on vulnerabilities tied to ransomware operations, RiskSense classifies privilege escalation alongside remote code execution as the two types of vulnerabilities that “significantly boosts risk to a business.”

They also found that these vulnerabilities are becoming increasingly popular among cybercriminals and security researchers, with more than 25% of newly published Common Vulnerabilities and Exposures (CVE) records this past year containing some element of privilege escalation or remote code execution.

Popov has found at least two other privilege escalation vulnerabilities in the Linux kernel: CVE-2019-18683 in 2019 and CVE-2017-2636 in 2017.