Menu
Eleven-year-old root flaw found and patched in the Linux kernel

Eleven-year-old root flaw found and patched in the Linux kernel

The vulnerability is in the kernel code supporting the Datagram Congestion Control Protocol, which is enabled on many Linux distributions

Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise.

The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). It was discovered last week and was patched by the kernel developers on Friday.

The flaw can be exploited locally by using heap spraying techniques to execute arbitrary code inside the kernel, the most privileged part of the OS. Andrey Konovalov, the Google researcher who found the vulnerability, plans to publish an exploit for it a few days.

While they cannot be exploited remotely, local privilege escalation vulnerabilities like this one are still dangerous because they can be combined with other flaws that give remote hackers access to a lower privileged account on a system.

In order for this flaw to be exploitable, the kernel needs to be built with the CONFIG_IP_DCCP option. Many distributions use kernels built with this option, but some don't.

Red Hat announced that Red Hat Enterprise Linux 5, 6, 7, and Red Hat Enterprise MRG 2 kernels are affected. The company has released patches for Red Hat Enterprise Linux 6 and 7 and for the Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt).

The Debian project released fixed kernel packages for Debian 7 Wheezy and Debian 8 Jessie, the "old stable" and "stable" versions of the distribution. Debian Stretch (testing) and Sid (unstable) have not been patched yet.

Patches are also available for Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. As far as SUSE goes, only SUSE Linux Enterprise Server 10 is affected and patches for it are only available to customers with long term service pack support. The kernels in SUSE Linux Enterprise Server 11 SP 1 to 4 and SUSE Linux Enterprise Server 12 SP 1 and 2 are not built with support for the DCCP protocol.

Administrators should check with their Linux distribution providers to check if their systems are vulnerable and if patches are available. There is also a mitigation available that involves manually disabling the DCCP kernel module.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Why experience is the new battleground for partners

Join us for an exclusive webinar, in association with Hewlett Packard Enterprise and Technology Services Industry Association (TSIA) and learn about the latest industry insights and how technology services continue to evolve to deliver differentiated value, and how partners can be successful in 2021 and beyond.

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments