Linux Kernel Exploit Affecting Linux 3.3 To Linux 3.8
A Linux kernel exploit was made public this weekend that affects versions of Linux going back to the 3.3 kernel. The exploit lets user-space programs gain root access through a bug in the kernel's networking code.
As reported on Sunday with a CVE request, "An unprivileged user can send a netlink message resulting in an out-of-bounds access of the sock_diag_handlers[] array which, in turn, allows userland to take over control while in kernel mode."
It appears that individuals have been exploiting this kernel bug for some time. The bug was known to exist privately going back to mid-2012 but wasn't corrected until Saturday with these net patches.
The issue will be addressed in the Linux 3.9 kernel and should make it back to the latest stable point releases of the affected Linux kernel series.
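The bug class described in the CVE request quoted above, as an added user-space C model (not kernel code and not from the original article): a handler table indexed by a family value taken from an untrusted message, with the length and range checks that keep the lookup inside the table. The `model_*` names, the one-byte family field and the table size of 40 are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_AF_MAX 40 /* assumed table size for this model */

/* Model request header: the sender picks the family (assumed one byte). */
struct model_diag_req {
    uint8_t family;
    uint8_t protocol;
};

typedef int (*model_handler_fn)(const struct model_diag_req *req);

static int model_inet_dump(const struct model_diag_req *req)
{
    return req->protocol; /* stand-in for the real handler's work */
}

/* Handler table indexed by family; most slots are unregistered (NULL). */
static model_handler_fn model_handlers[MODEL_AF_MAX] = {
    [2] = model_inet_dump, /* constructed: one registered slot */
};

/* Validate an untrusted payload, then dispatch through the table. */
int model_diag_rcv(const uint8_t *payload, size_t len)
{
    struct model_diag_req req;

    if (payload == NULL || len < sizeof(req))
        return -EINVAL; /* message too short to hold the header */
    req.family = payload[0];
    req.protocol = payload[1];
    /* A byte holds 0..255 but the table has MODEL_AF_MAX slots:
     * reject the index before it is ever used for the lookup. */
    if (req.family >= MODEL_AF_MAX)
        return -EINVAL;
    if (model_handlers[req.family] == NULL)
        return -ENOENT; /* in range, but nothing registered */
    return model_handlers[req.family](&req);
}

int main(void)
{
    const uint8_t bad[] = {200, 0}; /* constructed out-of-range family */
    printf("family 200 -> %d\n", model_diag_rcv(bad, sizeof(bad)));
    return 0;
}
```

Without the range check, the table lookup would read a function pointer from memory past the end of the array, which is the out-of-bounds access the CVE request describes.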