Linux kernel heap overflow sebezhetőség (remote, local, kernel privilégumok)

Bug

A sebezhetőség a TIPC kernelmodulban található. A kernelmodult az összes nagyobb Linux disztribúció szállítja, de alapértelmezetten nincs betöltve. További infók:

  • SentinelLabs has discovered a heap overflow vulnerability in the TIPC module of the Linux Kernel.
  • The vulnerability can be exploited either locally or remotely within a network to gain kernel privileges, allowing an attacker to compromise the entire system.
  • The TIPC module comes with all major Linux distributions but needs to be loaded in order to enable the protocol.
  • A patch has been released on the 29th of October and affects kernel versions between 5.10 and 5.15.
  • At this time, SentinelOne has not identified evidence of in-the-wild abuse.

Idővonal:

19 Oct 2021 - SentinelLabs supplied the initial vulnerability report to the Kernel.org team
19 Oct 2021 - Greg K.H. responds and adds the TIPC maintainers to the email thread
21 Oct 2021 - The patch is finalised
25 Oct 2021 - The patch is added to lore.kernel.org
29 Oct 2021 - The patch is added to the mainline repository
31 Oct 2021 - The patch is now officially under 5.15
04 Nov 2021 - SentinelLabs publicly disclose details of the vulnerability

Részletek itt.

( trey | 2021. 11. 04., cs – 14:55 )

 affects kernel versions between 5.10 and 5.15.

Linux alderaan 5.4.0-88-generic #99-Ubuntu SMP Thu Sep 23 17:29:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

Nem érint.

trey @ gépház

( _ventura_ v | 2021. 11. 04., cs – 17:56 )

haha

Jó az üreg a háznál :D

uname -r

2.6.18-419.el5xen

:D

Fedora 35, Thinkpad x280

( gaby | 2021. 11. 05., p – 09:42 )

Linux .......  5.14.15-200.fc34.x86_64 #1 SMP Wed Oct 27 15:53:30 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
:-(