[Owasp-natal] Vulnerability in recent Linux kernels offers root rights

Noilson Caio caiogore at gmail.com
Mon Feb 25 18:31:58 UTC 2013

An error in the handling of special netlink messages
in the Linux kernel can allow a user to surreptitiously gain root
privileges. The discoverer of the hole, Mathias Krause, confirmed to *The H*'s
associates at heise Security that Linux kernel versions 3.3 to 3.8 are
affected. These are used by, among other things, Fedora 17, 18 and
Ubuntu 12.10. Red Hat <https://bugzilla.redhat.com/show_bug.cgi?id=915052> and
SUSE <http://seclists.org/oss-sec/2013/q1/428> are unaffected as they have
not ported the code in question back to the older kernels their
distributions are based on.

Netlink <http://en.wikipedia.org/wiki/Netlink> is used for communication
between processes in userland and kernel (AF_NETLINK). With an
appropriately crafted message, a local user without administrative
privileges can gain control of a system. First exploits that will do this
are already circulating on the net. A patch for Linux
is already on its way. The crucial element of this flaw is that the
otherwise useful defensive restriction
mmap_min_addr <http://wiki.debian.org/mmap_min_addr> is not effective
because the erroneous access is to an address which is
above this threshold and in userspace.

(djwm <djwm at h-online.com>)

Noilson Caio Teixeira de Araújo
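
Added example, not part of the original post or of the article it forwards: a triage script built on the two facts above, the reported affected range (3.3 to 3.8) and the point that mmap_min_addr does not mitigate this flaw. The function names are hypothetical, and the check uses the upstream version number only, so distribution kernels with backports or fixes still need the vendor advisory.

```shell
#!/bin/sh
# Added triage example (not from the original post).
# Range 3.3 .. 3.8 is the one reported in the article; vendor patches and
# backports are NOT detected, so "REVIEW" means "check the vendor advisory".

# in_reported_range RELEASE
#   returns 0 if major.minor is within 3.3 .. 3.8, 1 if outside, 2 if unparseable
in_reported_range() {
    rel=$1
    case $rel in *.*) ;; *) return 2 ;; esac        # need at least "X.Y"
    major=${rel%%.*}                                # text before the first dot
    rest=${rel#*.}                                  # text after the first dot
    minor=${rest%%[!0-9]*}                          # leading digits of field 2
    case $major in ''|*[!0-9]*) return 2 ;; esac    # major must be numeric
    [ -n "$minor" ] || return 2
    [ "$major" -eq 3 ] && [ "$minor" -ge 3 ] && [ "$minor" -le 8 ]
}

# triage RELEASE MMAP_MIN_ADDR
#   prints one verdict line; mmap_min_addr is reported but never used to
#   downgrade the verdict, because the article says it is not effective here
triage() {
    status=0
    in_reported_range "$1" || status=$?
    case $status in
        0) echo "REVIEW kernel=$1 mmap_min_addr=$2: in reported range, mmap_min_addr does not mitigate" ;;
        1) echo "OUTSIDE kernel=$1 mmap_min_addr=$2: not in reported range 3.3 to 3.8" ;;
        *) echo "UNKNOWN kernel=$1 mmap_min_addr=$2: could not parse release string" ;;
    esac
}

# Run against the local host: kernel release plus the current sysctl value.
min_addr=$(cat /proc/sys/vm/mmap_min_addr 2>/dev/null || echo unknown)
triage "$(uname -r)" "$min_addr"
```
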