Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit

A cybersecurity researcher with Google Project Zero has released the details and a proof-of-concept (PoC) exploit for a high-severity vulnerability that has existed in the Linux kernel from version 3.16 through 4.18.8.

Discovered by the SCS expert, the kernel vulnerability (CVE-2018-17182) is a cache invalidation bug in the Linux memory management subsystem that results in a use-after-free vulnerability, which, if exploited, may permit an attacker to achieve root privileges on the targeted system.

Use-after-free (UAF) vulnerabilities are a class of memory corruption bugs that can be exploited by unprivileged users to corrupt or alter data in memory, enabling them to cause a denial of service (system crash) or escalate privileges to gain administrative access on a system.

Linux Kernel Exploit Takes an Hour to Gain Root Access

However, the researcher says his PoC Linux kernel exploit made available to the public “takes about an hour to run before popping a root shell.”

The researcher responsibly reported the vulnerability to the Linux kernel maintainers on September 12, and the Linux team fixed the problem in the upstream kernel tree within 2 days, which the researcher said was “exceptionally quick, compared to the fix times of different software package vendors.”

The Linux kernel vulnerability was disclosed and was patched in the upstream-supported stable kernel versions 4.18.9, 4.14.71, 4.9.128, and 4.4.157 on the next day.

There’s also a fix in release 3.16.58.
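The version boundaries above can be turned into a quick triage check. The following is an added example, not code from the article or the researcher; the status names and the sample release strings are assumptions made for illustration.

```python
import re

# Fixed upstream stable releases per branch, as listed in the article.
FIXED = {(4, 18): 9, (4, 14): 71, (4, 9): 128, (4, 4): 157, (3, 16): 58}
FIRST_AFFECTED = (3, 16)   # article: affected since 3.16
LAST_AFFECTED = (4, 18)    # article: affected through 4.18.8

RELEASE_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(.*)$")


def classify(release):
    """Classify a `uname -r` style string against the article's version list."""
    m = RELEASE_RE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    branch = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)
    vendor_suffix = m.group(4)  # e.g. "-34-generic" on a distribution kernel

    if not FIRST_AFFECTED <= branch <= LAST_AFFECTED:
        return "not-affected"
    if branch in FIXED and patch >= FIXED[branch]:
        return "fixed"
    if vendor_suffix:
        # Distributions backport fixes without changing the upstream number,
        # so the string alone cannot decide; the package changelog can.
        return "check-vendor-advisory"
    return "vulnerable" if branch in FIXED else "vulnerable-no-listed-fix"


if __name__ == "__main__":
    # Constructed sample release strings, not taken from the article.
    for rel in ["4.18.8", "4.18.9", "4.14.70", "4.15.3", "3.15.10",
                "4.15.0-34-generic", "4.9.0-8-amd64"]:
        print(f"{rel:22} {classify(rel)}")
```

A result of `check-vendor-advisory` means the upstream number alone is inconclusive and the distribution's security tracker or package changelog for CVE-2018-17182 has to be consulted.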

Debian and Ubuntu Linux Left Their Users Vulnerable for Over a Week

“However, a fix being in the upstream kernel doesn’t automatically mean that users’ systems are actually patched,” the researcher noted.

The researcher was disappointed to learn that some major Linux distributions, including Debian and Ubuntu, left their users exposed to potential attacks by not releasing kernel updates more than a week after the vulnerability was made public.

As of Wednesday, both Debian stable and Ubuntu releases 16.04 and 18.04 had not patched the vulnerability.
