Security Expert Re: New Vulnerability Found in Linux Kernel

By   ISBuzz Team
Writer , Information Security Buzz | Apr 29, 2021 04:44 am PST


Cisco Talus discovered an information-disclosure security vulnerability in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Shachar Menashe
Shachar Menashe , VP Security
April 29, 2021 12:52 pm

<p style=\"font-weight: 400;\">This newly discovered vulnerability indeed looks very actionable and easy to exploit under the right technical conditions, so we recommend affected vendors update their kernel or apply the patch.</p> <p> </p> <p style=\"font-weight: 400;\">These kinds of vulnerabilities are almost exclusively used as part of a local privilege escalation attack chain to circumvent the Linux kernel randomization (KASLR) mitigation.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">This new discovery illustrates the value of automated applicability scanning, which helps determine if a new vulnerability can be realistically exploited. In this case, we found that the vulnerability is only exploitable in devices under one of the following specific conditions:</p> <p style=\"font-weight: 400;\"> </p> <ol> <li style=\"font-weight: 400;\">The kernel is built with CONFIG_HAVE_ARCH_TRACEHOOK (quite common)</li> <li style=\"font-weight: 400;\">The kernel is built with CONFIG_RANDOMIZE_BASE (KASLR, less common on embedded devices)</li> <li style=\"font-weight: 400;\">The kernel is a 32-bit kernel</li> </ol> <p> </p> <p style=\"font-weight: 400;\">Regarding point #2, note that the vulnerability is probably not applicable on ARM 32-bit devices since a vanilla Linux ARM32 kernel does not have KASLR. Some kernel forks, such as Android, have backported the KASLR feature to 32-bit, but since the vulnerability is only relevant on Linux kernel 5.1 and later, we assume no Android devices will be affected.</p>

Last edited 2 years ago by Shachar Menashe

Recent Posts

Would love your thoughts, please comment.x