Linux kernel found to have a trio of 15-year-old vulnerabilities that could allow root acc

 1 month ago '15        #1

Teflon Taliban


Linux-based operating systems are generally recognized as being far more secure than the likes of Windows and macOS -- but that's not to say they're without their flaws. Illustrating precisely this is the discovery of no fewer than three vulnerabilities in the Linux kernel that could be exploited to gain root access to a system.

That researchers from cybersecurity firm GRIMM managed to find so many vulnerabilities in the Linux kernel is one thing, the fact that they have lain there undetected for 15 years is quite another.

The vulnerabilities (which are being tracked as CVE-2021-27363, CVE-2021-27364 and CVE-2021-27365) exist in the kernel's iSCSI module. While the exploitable module is not loaded by default, Linux kernel's support for on-demand loading of modules means that it can be easily called to action -- the exploit has been found to be possible in all tested versions of Red Hat as well as other distributions.

Over on the GRIMM blog, security researcher Adam Nichols says:

We found three bugs in a forgotten corner of the mainline Linux kernel that turned out to be about 15 years old. Unlike most things that we find gathering dust, these bugs turned out to still be good, and one turned out to be useable as a Local Privilege Escalation (LPE) in multiple Linux environments.

Talking to security site SC Media, Nichols explains:

If you already had execution on a box, either because you have a user account on the machine, or you've compromised some service that doesn't have repaired permissions, you can do whatever you want basically.

There is something of a blessing in the fact that the vulnerabilities exist "in code that is not remotely accessible, so this isn't like a remote exploit" -- but this does not mean they are harmless. Nichols warns that they take "any existing threat that might be there. It just makes it that much worse. And if you have users on the system that you don't really trust with root access it, it breaks them as well".

In the blog post which details the three vulnerabilities, Nichols explains the type of systems that are affected:

In order for these bugs to be exposed to userland, the scsi_transport_iscsi kernel module must be loaded. This module is automatically loaded when a socket call that creates a NETLINK_ISCSI socket is performed. Additionally, at least one iSCSI transport must be registered with the iSCSI subsystem. The ib_iser transport module will be loaded automatically in some configurations when an unprivileged user creates a NETLINK_RDMA socket.

As SC Media explains: "The bugs have been patched in the following kernel releases: 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, and 4.4.260. All older kernels are end-of-life and will not receive patches".

You can read more about the vulnerabilities in the full GRIMM write up here: https://blog.grimm-co.com .. ux-kernel.html
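
A defender-side check for the conditions the article describes, as an added example that is not part of the original post or GRIMM's write-up: it compares a kernel release string against the fixed versions SC Media lists and reports whether the two modules named in the quote are currently loaded. The status labels and function names are made up for this example, treating series newer than 5.11 as fixed is an assumption, and distribution kernels that backport fixes will not match upstream numbering.

```python
import re

# Fixed upstream stable releases, exactly as listed in the article.
FIXED = {(5, 11): 4, (5, 10): 21, (5, 4): 103, (4, 19): 179,
         (4, 14): 224, (4, 9): 260, (4, 4): 260}
# Modules the GRIMM quote names as the exposure path.
ISCSI_MODULES = ("scsi_transport_iscsi", "ib_iser")


def parse_release(release):
    """Turn a `uname -r` string such as '5.10.20-amd64' into (5, 10, 20)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def patch_status(release):
    """Classify an upstream version against the article's fixed releases."""
    major, minor, patch = parse_release(release)
    branch = (major, minor)
    if branch in FIXED:
        return "patched" if patch >= FIXED[branch] else "vulnerable"
    if branch > max(FIXED):
        return "patched"        # assumption: later series carry the fix
    return "no-fix-listed"      # end-of-life series, per the article


def loaded_iscsi_modules(proc_modules_text):
    """Return the named modules present in /proc/modules-style text."""
    names = {line.split()[0]
             for line in proc_modules_text.splitlines() if line.strip()}
    return [m for m in ISCSI_MODULES if m in names]


if __name__ == "__main__":
    import platform
    release = platform.release()
    try:
        with open("/proc/modules") as fh:
            loaded = loaded_iscsi_modules(fh.read())
    except OSError:
        loaded = []
    print(f"kernel {release}: {patch_status(release)}")
    # Not loaded does not mean unreachable: the article notes on-demand loading.
    print("loaded now:", ", ".join(loaded) or "none (may still load on demand)")
```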


 1 month ago '20        #2
confidential1
Welp Apple stock might take a hit considering that Mac OS are based on the Linux kernel ... ijs

 1 month ago '16        #3
Sire
 confidential1 said
Welp Apple stock might take a hit considering that Mac OS are based on the Linux kernel ... ijs
mad sh*t runs on linux distros.

and not just the front facing services like an os, app ui, etc.

they all use 3rd party architecture like data storage, cms, database management, multi factor authentication, chat/messaging, etc that are running on linux distros.

sh*t most of the enterprise level hacks we see nowadays are on 3rd party vendors that provide services to thousands of high level clients.

android and chrome/chromium os are based on linux distros too (tho i don't know if their degree of customization still leaves these vulnerabilities intact).
