Linux Kernel Exploit Affecting Linux 3.3 To Linux 3.8
Posted by Michael Larabel on February 25, 2013
A Linux kernel exploit was made public this weekend that affects versions of Linux going back to the 3.3 kernel. The exploit allows user-space programs to gain root access through a bug in the kernel's networking code.
As reported on Sunday with a CVE request, "An unprivileged user can send a netlink message resulting in an out-of-bounds access of the sock_diag_handlers array which, in turn, allows userland to take over control while in kernel mode."
It appears that individuals have been exploiting this kernel bug for some time. The bug was known to exist privately going back to mid-2012 but wasn't corrected until Saturday with these net patches.
The issue will be addressed in the Linux 3.9 kernel and should make it back to the latest stable point releases of the affected Linux kernel series.
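The out-of-bounds access described in the CVE request, shown as an added user-space model (not the kernel's code or the actual patch): a handler table indexed by a one-byte family field taken from the message, next to a version that validates the index first. Every name here except the sock_diag_handlers array it models is hypothetical, and the table size of 40 is an assumed stand-in.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_AF_MAX 40 /* assumption: stand-in for the kernel's table size */

/* Hypothetical user-space model of the request header in the message. */
struct model_diag_req {
    uint8_t family;   /* sender-controlled: any value 0..255 */
    uint8_t protocol;
};

typedef int (*diag_handler)(const struct model_diag_req *req);

static int model_inet_handler(const struct model_diag_req *req)
{
    return req->protocol; /* placeholder work: echo the protocol */
}

/* Model of the sock_diag_handlers table: one slot per family. */
static diag_handler model_handlers[MODEL_AF_MAX] = { [2] = model_inet_handler };

/* Pre-fix shape: the index is trusted. family is a uint8_t, so values
 * MODEL_AF_MAX..255 read past the table and the result is called. */
static int dispatch_unchecked(const struct model_diag_req *req)
{
    diag_handler h = model_handlers[req->family];
    return h ? h(req) : -ENOENT;
}

/* Hardened shape: validate length and index before touching the table. */
static int dispatch_checked(const struct model_diag_req *req, size_t len)
{
    if (len < sizeof(*req) || req->family >= MODEL_AF_MAX)
        return -EINVAL;
    return dispatch_unchecked(req); /* index is now proven in range */
}

int main(void)
{
    struct model_diag_req bad = { .family = 200, .protocol = 6 }; /* constructed */
    struct model_diag_req ok = { .family = 2, .protocol = 6 };    /* constructed */
    printf("family 200 -> %d, family 2 -> %d\n",
           dispatch_checked(&bad, sizeof bad), dispatch_checked(&ok, sizeof ok));
    return 0;
}
```

The point of the model is that the width of the field (one byte, 256 values) is larger than the table it indexes, so the type alone does not keep the lookup in bounds.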