Local Root Exploit in Udev
The udev subsystem allows the Linux kernel, together with a userland program, to manage device nodes dynamically, adding and removing them at will. It has now been revealed that the communication channel between the kernel and program fails to authenticate, so that users can assume root privileges.
The udev subsystem and the udevd daemon communicate in userspace over the netlink interface. Sending KOBJECT_UEVENT messages unfortunately doesn't verify who sent them. The result is that normal users can assume read privileges for a random device. If the device has a major and minor number of the root block device, invasive code can be applied to alter the system. A root exploit could then be quite simple for an attacker.
The root exploit was discovered by Sebastian Krahmer of the SUSE Security Team, which had become apprised of the CVE-2009-1185 spoofing exposure. The udev “trickery" exploit also points to another vulnerability in the CVE-2009-1186 stack buffer overflow exposure. Unfortunately, MITRE has not released further details on these vulnerabilities. All larger Linux distros have openly declared to be affected by them, so the distros are now providing updated packages.
Issue 202/2017
Buy this issue as a PDF
News
-
LibreOffice 5.4 Released
Comes with improved support for Microsoft Office file formats.
-
Red Hat to Drop Support for Btrfs
The company is building their own storage solution called Stratis.
-
Reinvent your network with DevOps tools and techniques:
Opportunities and Risks: Containers for DevOps
Automated Builds Using CentOS 7 and Kickstart
Elasticsearch, Logstash, and Kibana – The ELK stack
Are you ready for DevOps? Try your luck with the beta version of Linux Professional Institute's new DevOps exam.
-
Kolab Now Integrates Collabora Online
Kolab Now subscribers now have access to Collabora Online.
-
Endless OS, a Distribution Without Internet
A new version of Endless OS has been released.
-
GitHub Announces Open Source Friday Program
They encourage people to take time out and work on open source projects on Friday.
-
System76 Announces Their Own Distro, Pop!_OS
Pop!_OS is based on Ubuntu and uses the Gnome stack.
-
Linus Torvalds Talks About His Motivation
He never tires of working on the Linux kernel.
-
Debian 9 Stretches Its Wings
The new release of Debian has a very strong focus on security.
-
Trojan Turns Raspberry Pi into a Cryptocurrency Mining Device
Two trojans in the wild are targeting Linux machines.