GuidesLinux Privilege Escalation Hole Detected

Linux Privilege Escalation Hole Detected

Ryan Naraine
By Ryan Naraine
Guides

ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.




For the second time in as many months, security researchers uncovered a privilege escalation security flaw in the Linux kernel.

A security flaw in the Linux kernel carries a ‘critical’ rating and could be exploited to give an attacker full super-user privileges.

According to an advisory from computer security consultants iSEC Security Research, the flaw was found in the Linux kernel memory management code and is completely unrelated to a similar vulnerability found last month.

The flaw carries a “critical” rating and affects Linux version 2.2, up to and including 2.2.25; it also impacts version 2.4, up to and including 2.4.24, as well as version 2.6, up to and including 2.6.2.

“Proper exploitation of this vulnerability leads to local privilege escalation giving an attacker full super-user privileges. The vulnerability may also lead to a denial-of-service attack on the available system memory,” iSEC warned.

Linux distributor Gentoo confirmed its implementation of the open source operating system was susceptible to the flaw and strongly urged uses to upgrade to newer, more secure versions.

According to Gentoo, arbitrary code with normal non-superuser privileges may be able to exploit this vulnerability and may disrupt the operation of other parts of the kernel memory management subroutines.

Proper exploitation of this vulnerability may lead to local privilege escalation, allowing for the execution of arbitrary code with kernel level root access,” Gentoo warned, noting that proof-of-concept exploit code has been created and successfully tested.

The flaw was discovered in the memory subsystem, which allows for shrinking, growing, and moving chunks of memory along any of the allocated memory areas that the kernel possesses. iSEC Security Research found that the code doesn’t check the return value of the memory function.

“Due to the missing return value check after trying to unmap the middle of the first memory area, the corresponding page table entries from the second new area are inserted into the page table locations described by the first old one, thus they are subject to page protection flags of the first area. As a result, arbitrary code can be executed,” the company explained.

This article was originally published on InternetNews.com.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends & analysis

Latest Posts

Related Stories

ServerWatch is an established resource for technology buyers looking to increase or improve their data center infrastructure. ServerWatch’s reviews, comparisons, tutorials, and guides help readers make informed purchase decisions around the hardware, software, security, management, and monitoring tools they use to innovate for employees and customers.

Advertisers

Advertise with TechnologyAdvice on ServerWatch and our other data and technology-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2024 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.