SoylentNews is people

posted by CoolHand on Monday October 01 2018, @03:39PM

Android, Debian and Ubuntu users are still at risk.

https://threatpost.com/another-linux-kernel-bug-surfaces-allowing-root-access/137800/

A high-severity cache invalidation bug in the Linux kernel has been uncovered, which could allow an attacker to gain root privileges on the targeted system.

This is the second kernel flaw in Linux to debut in the last week; a local-privilege escalation issue was also recently discovered.

The flaw (CVE-2018-17182), which exists in Linux memory management in kernel versions 3.16 through 4.18.8, can be exploited in many different ways, “even from relatively strongly sandboxed contexts,” according to Jann Horn, a researcher with Google Project Zero.

The Linux team fixed the problem in the upstream kernel tree within two days of Horn responsibly reporting it on Sept. 18, which Horn said was “exceptionally fast, compared to the fix times of other software vendors.”

The bad news is that Debian stable and Ubuntu releases 16.04 and 18.04 have not yet patched the vulnerability – and Android users remain at risk.

“Android only ships security updates once a month,” Horn said, in a blog post on the flaw this week. “Therefore, when a security-critical fix is available in an upstream stable kernel, it can still take weeks before the fix is actually available to users—especially if the security impact is not announced publicly.”

The Flaw

-- submitted from IRC


  • (Score: 1, Informative) by Anonymous Coward on Monday October 01 2018, @08:01PM (2 children)

    Overflow is now infeasible!

    From the article:

    “The bug was fixed by changing the [VMA] sequence numbers to 64 bits, thereby making an overflow infeasible and removing the overflow handling logic,” Horn said.

    The diff:
    https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/diff/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2&id2=54eda9df17f3215b9ed16629ee71ea07413efdaf [kernel.org]

  • (Score: 0) by Anonymous Coward on Monday October 01 2018, @10:56PM (1 child)

    I don't think that word means what you think it means...

    • (Score: 0) by Anonymous Coward on Tuesday October 02 2018, @12:26AM

      So you lean more to the definition 'impossible' than you do 'impractical', that's nice. Very nice. It's just that it is not what it means in this context where you "fix" a bug by changing a 32-bit datatype to a 64-bit one.
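
The sequence-number widening discussed in the comments above, as an added example that is not part of the story, the comments, or the kernel source: a simplified model of a cache that is trusted only while its saved sequence number equals the owner's current one, showing that a 32-bit counter returns to a stale snapshot after 2^32 invalidations while a 64-bit counter does not, and how long each width takes to wrap. All names are hypothetical, the rate of 1e9 invalidations per second is constructed, and the overflow handling logic mentioned in the quote is deliberately left out of the model.

```c
/* Simplified model of a cache validated by a sequence number. Not kernel code;
 * every name below is hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

struct owner32 { uint32_t seq; };            /* 32-bit generation counter */
struct owner64 { uint64_t seq; };            /* widened counter, as in the fix */
struct cache32 { uint32_t seq; int entry; }; /* snapshot of seq + cached value */
struct cache64 { uint64_t seq; int entry; };

/* Apply n invalidations; unsigned arithmetic wraps modulo 2^width. */
static void invalidate32(struct owner32 *o, uint64_t n) { o->seq = (uint32_t)(o->seq + n); }
static void invalidate64(struct owner64 *o, uint64_t n) { o->seq += n; }

/* True if a cache filled before n invalidations is still trusted afterwards. */
bool stale_hit32(uint64_t n)
{
    struct owner32 o = { .seq = 7 };
    struct cache32 c = { .seq = o.seq, .entry = 42 };
    invalidate32(&o, n);
    return c.seq == o.seq;   /* the only validity check: snapshot == current */
}

bool stale_hit64(uint64_t n)
{
    struct owner64 o = { .seq = 7 };
    struct cache64 c = { .seq = o.seq, .entry = 42 };
    invalidate64(&o, n);
    return c.seq == o.seq;
}

/* Seconds until a counter of `bits` width wraps at `rate` invalidations/sec. */
double seconds_to_wrap(unsigned bits, double rate)
{
    double span = 1.0;
    for (unsigned i = 0; i < bits; i++)
        span *= 2.0;
    return span / rate;
}

int main(void)
{
    const double rate = 1e9; /* constructed rate, chosen only for illustration */
    printf("32-bit stale hit after 2^32 invalidations: %d\n", stale_hit32(1ULL << 32));
    printf("64-bit stale hit after 2^32 invalidations: %d\n", stale_hit64(1ULL << 32));
    printf("wrap time: 32-bit %.1f s, 64-bit %.0f years\n",
           seconds_to_wrap(32, rate), seconds_to_wrap(64, rate) / (365.25 * 86400));
    return 0;
}
```

At the constructed rate the 32-bit counter wraps in seconds and the 64-bit one in centuries, which is the "impractical, not impossible" sense of "infeasible" argued over in the thread.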