Announcement

Collapse
No announcement yet.

Another Linux Kernel Vulnerability Leading To Local Root From Unprivileged Processes

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Another Linux Kernel Vulnerability Leading To Local Root From Unprivileged Processes

    Phoronix: Another Linux Kernel Vulnerability Leading To Local Root From Unprivileged Processes

    CVE-2017-6074 was made public today as a DCCP double-free vulnerability that could allow for kernel code execution from an unprivileged process...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    In a way its scary to think that it still could be vulnerable simply by creating code to unpatch the fix on victims computers and open it up for exploitation. I think many vulnerabilities need more hardening to truly be exploit free.

    Comment


    • #3
      Originally posted by phoronix
      It affects kernel builds with CONFIG_IP_DCCP, which is the case for many distribution kernels.
      Gentoo here, don't remember enabling that option.
      Code:
      $ zgrep DCCP /proc/config.gz
      # CONFIG_IP_DCCP is not set
      And lo, it helps again to leave out all the functions you don't need.

      Comment


      • #4
        Originally posted by Ronshere View Post
        In a way its scary to think that it still could be vulnerable simply by creating code to unpatch the fix on victims computers and open it up for exploitation. I think many vulnerabilities need more hardening to truly be exploit free.
        I don't know what that means? If you can modify the kernel on a victim's computer they've already lost? You can just add "this_thread->uid = 0;"?

        Comment


        • #5
          Linus said some time ago that he wasn't particularly against Rust code, and was willing to accept some if a maintainer felt it was needed or beneficial. Any updates on this? I guess they would have to improve rust's cross-platform support first, but having a project like this is also a way to reach this goal.

          Comment


          • #6
            Originally posted by Ronshere View Post
            In a way its scary to think that it still could be vulnerable simply by creating code to unpatch the fix on victims computers and open it up for exploitation. I think many vulnerabilities need more hardening to truly be exploit free.
            what?

            Comment


            • #7
              Originally posted by M@yeulC View Post
              Linus said some time ago that he wasn't particularly against Rust code, and was willing to accept some if a maintainer felt it was needed or beneficial. Any updates on this? I guess they would have to improve rust's cross-platform support first, but having a project like this is also a way to reach this goal.
              what is stopping you from converting the kernel to rust?

              Comment


              • #8
                Originally posted by phoronix View Post
                Checking my Fedora 25 kernel right now, it's enabled
                Looks like Justin Forbes just posted a patch in the fedora kernel git for F25 (no build yet):

                Comment


                • #9
                  I'm already fully patched without so much as a reboot. canonical-livepatch is kind of sweet :-)

                  Comment


                  • #10
                    I guess it is time to reboot my laptop. It will be the first time this year...

                    Comment

                    Working...
                    X