The Protect IU Blog

    Linux Kernel Vulnerability

    Recently, it was announced that the linux kernel was discovered to be vulnerable to a local privilege escalation attack. Under certain conditions, a local attacker could exploit this vulnerability to gain root privileges. Local privilege escalation attacks can sometimes be used in blended attacks allowing remote attackers to take control of systems.

    Several exploits have been publicly released that attack this vulnerability.

    This vulnerability is not particularly unique. Researchers very regularly discover bugs in the linux kernel which can be exploited. And new kernels that include the security patch are already available for major linux distributions.

    The UISO recommends that linux sysadmins take this opportunity to update update their kernel packages. The UISO also recommends always keeping your linux kernel packages updated with the most recent, secure, stable version.

    Events like this serve as a great example of why it is so important for sysadmins to monitor security advisories that affect their systems. The UISO keeps a list of advisory sites and feeds for major software vendors.

    Links:

    [1] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e268337dfe26dfc7efd422a804dbb27977a3cccc
    [2] https://rhn.redhat.com/errata/RHSA-2012-0052.html
    [3] https://rhn.redhat.com/errata/RHSA-2012-0061.html
    [4] http://www.ubuntu.com/usn/usn-1342-1/
    [5] http://www.ubuntu.com/usn/usn-1336-1/
    [6] https://protect.iu.edu/cybersecurity/indepth

    Further reading:

    RedHat KB: https://access.redhat.com/kb/docs/DOC-69129
    RedHat Bug Report: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0056
    CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0056