Another Linux Kernel Vulnerability Leading To Local Root From Unprivileged Processes

  • Another Linux Kernel Vulnerability Leading To Local Root From Unprivileged Processes

    Phoronix: Another Linux Kernel Vulnerability Leading To Local Root From Unprivileged Processes

    CVE-2017-6074 was made public today as a DCCP double-free vulnerability that could allow for kernel code execution from an unprivileged process...

    http://www.phoronix.com/scan.php?pag...nux-Local-Root

  • #2
    In a way it's scary to think that it still could be vulnerable simply by creating code to unpatch the fix on victims' computers and open it up for exploitation. I think many vulnerabilities need more hardening to truly be exploit free.



    • #3
      Originally posted by phoronix
      It affects kernel builds with CONFIG_IP_DCCP, which is the case for many distribution kernels.
      Gentoo here, don't remember enabling that option.
      Code:
      $ zgrep DCCP /proc/config.gz
      # CONFIG_IP_DCCP is not set
      And lo, it helps again to leave out all the functions you don't need.


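An added example (not from any poster in this thread): the check in post #3, generalized to classify `CONFIG_IP_DCCP` as built-in, module or disabled, matching the exact symbol rather than every line containing "DCCP". The function names are hypothetical, and the `/boot/config-$(uname -r)` fallback assumes the distribution installs its kernel config there.

```bash
#!/usr/bin/env bash
# Added example: report how CONFIG_IP_DCCP is set for the running kernel.

# Print the kernel config at $1, decompressing it if the name ends in .gz.
read_kconfig() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac
}

# Print one of: builtin, module, disabled, unknown (file not readable).
dccp_config_state() {
    local cfg="$1" line
    [ -r "$cfg" ] || { echo unknown; return; }
    # Exact symbol only: CONFIG_IP_DCCP_CCID3 and friends must not match.
    line=$(read_kconfig "$cfg" | grep -E '^(# )?CONFIG_IP_DCCP[= ]' | head -n 1) || true
    case "$line" in
        CONFIG_IP_DCCP=y) echo builtin ;;
        CONFIG_IP_DCCP=m) echo module ;;
        *)                echo disabled ;;  # "is not set" or symbol absent
    esac
}

# Locate the running kernel's config (second path is an assumed distro layout).
find_running_kconfig() {
    local f
    for f in /proc/config.gz "/boot/config-$(uname -r)"; do
        [ -r "$f" ] && { echo "$f"; return 0; }
    done
    return 1
}

# True if the core dccp module is loaded; $1 overrides /proc/modules for tests.
dccp_module_loaded() {
    grep -q '^dccp ' "${1:-/proc/modules}" 2>/dev/null
}

report_dccp() {
    local cfg state
    cfg=$(find_running_kconfig) || { echo "kernel config not readable"; return 2; }
    state=$(dccp_config_state "$cfg")
    echo "CONFIG_IP_DCCP in $cfg: $state"
    if [ "$state" = module ]; then
        if dccp_module_loaded; then echo "dccp module: loaded"
        else echo "dccp module: not loaded"; fi
    fi
}
```

Source the file and run `report_dccp`; a result of `module` with the module not loaded means the code is present on disk but not currently in the running kernel.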

      • #4
        Originally posted by Ronshere
        In a way it's scary to think that it still could be vulnerable simply by creating code to unpatch the fix on victims' computers and open it up for exploitation. I think many vulnerabilities need more hardening to truly be exploit free.
        I don't know what that means? If you can modify the kernel on a victim's computer they've already lost? You can just add "this_thread->uid = 0;"?



        • #5
          Linus said some time ago that he wasn't particularly against Rust code, and was willing to accept some if a maintainer felt it was needed or beneficial. Any updates on this? I guess they would have to improve Rust's cross-platform support first, but having a project like this is also a way to reach this goal.



          • #6
            Originally posted by Ronshere
            In a way it's scary to think that it still could be vulnerable simply by creating code to unpatch the fix on victims' computers and open it up for exploitation. I think many vulnerabilities need more hardening to truly be exploit free.
            what?



            • #7
              Originally posted by [email protected]
              Linus said some time ago that he wasn't particularly against Rust code, and was willing to accept some if a maintainer felt it was needed or beneficial. Any updates on this? I guess they would have to improve Rust's cross-platform support first, but having a project like this is also a way to reach this goal.
              What is stopping you from converting the kernel to Rust?



              • #8
                Originally posted by phoronix
                Checking my Fedora 25 kernel right now, it's enabled
                Looks like Justin Forbes just posted a patch in the fedora kernel git for F25 (no build yet):

                http://pkgs.fedoraproject.org/cgit/r...d55842bf8bee29



                • #9
                  I'm already fully patched without so much as a reboot. canonical-livepatch is kind of sweet :-)



                  • #10
                    I guess it is time to reboot my laptop. It will be the first time this year...
