How attackers break into out-of-date kernels

Kernel Trouble

Article from Issue 285/2024
Author(s):

This deep look at how intruders attack an out-of-date kernel should be enough to convince you of the need to stay vigilant.

The multitudinous varieties of attacks that can affect OSs are hard to keep up with, but recently I wanted to test some Linux kernel exploits to keep up with my interest in ethical hacking. Such attacks often occur once access has been gained to a system. They are sometimes used in order to achieve privilege escalation – in other words, to boost a non-root user's privileges to the level of the root user in order to gain full control of the system.

It is easy to become content with the kernel you are running and forget to install all the updates and upgrade the system when the kernel is no longer supported. Many users install long-term support (LTS) Linux systems and get so used to them after five years that they aren't in a hurry to upgrade when the service cycle ends.

This article will introduce you to some techniques intruders use to attack old kernels, and, in case you ever had any doubts, it should convince you to never fall behind on those kernel patches and updates.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Kernel Tips

    Worried about a recent security exploit? Want to take advantage of a new hardware feature? You don’t need to be a Linux expert to patch and compile the Linux kernel. We'll show you how to get started.

  • Stopping Drive-By Attacks

    You won't find a perfect solution to the growing problem of drive-by attacks, but many tools are available to help you keep malicious code off your network.

  • News

    In the news: Lenovo now offering Fedora Linux as an option; System76 launches new high-end kaptop; Mozilla lays off staff, receives more cash; VirtualBox now supports Linux Kernel 5.8; three major threats to Linux discovered; and Linux Kernel 5.8 is now available.

  • Compromising WordPress

    WordPress is an incredibly popular tool for building websites, and don't think the attackers haven't noticed. We'll show you what to watch for.

  • Security Lessons

    When it comes to security, public disclosure of vulnerabilities and working exploit code is now common. We look at why this can be both harmful and helpful to securing your systems.

comments powered by Disqus