TLDR: Update your kernel.
https://www.zdnet.com/article/nasty-lin ... and-fixed/
Nasty Linux kernel bug found and fixed
- JoeFootball
Nasty Linux kernel bug found and fixed
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Nasty Linux kernel bug found and fixed
This line from the linked article caught my eye:
"This security hole was introduced back on Feb 28, 2019, in the Linux 5.1-rc1 kernel. It's now present in all Linux kernels. Yes, all of them."
So it's present in older kernels as well, i.e., 4.x kernels, etc.?
- JoeFootball
Re: Nasty Linux kernel bug found and fixed
Schultz wrote: So it's present in older kernels as well, i.e., 4.x kernels, etc.?
I see what you're saying by the author's wording, but I'm only seeing recent updates for 5.4.x, 5.11.x, and 5.13.x. The last update for 4.15.x was back on 2022-01-06.
Re: Nasty Linux kernel bug found and fixed
Good article by Steven but he forgot to say that after
Code:
    sudo sysctl -w kernel.unprivileged_userns_clone=0
the reboot is necessary as processes that are already running in a user namespace will stay.
Still it is another malicious local user vulnerability, though real. But nothing new, it is clear from the 2016 lwn article https://lwn.net/Articles/673597/ that the security of user namespaces was doubtful from the beginning. I thought that on Debian handling of user namespaces by non-privileged processes is disabled by default but, surprise, writing this on sid I've got
Code:
    cat /proc/sys/kernel/unprivileged_userns_clone
    1
Edit: There is no problem in LMDE4 :
Code:
    /proc/sys/kernel/unprivileged_userns_clone = 0
-=t42=-
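An added example, not part of the thread: a POSIX shell audit for the point in the post above, that setting kernel.unprivileged_userns_clone=0 does not evict processes already running inside a user namespace. PROC_ROOT, the function names and the --audit switch are assumptions made for this example; run it as root so every /proc/<pid>/ns/user link is readable.

```shell
#!/bin/sh
# Added example. PROC_ROOT is a hypothetical override so the checks can be
# pointed at a constructed directory tree instead of the live /proc.
PROC_ROOT="${PROC_ROOT:-/proc}"

# Print the runtime value of kernel.unprivileged_userns_clone, or "absent".
# The knob comes from a Debian/Ubuntu kernel patch and may not exist elsewhere.
userns_clone_state() {
    f="$PROC_ROOT/sys/kernel/unprivileged_userns_clone"
    if [ -r "$f" ]; then cat "$f"; else echo absent; fi
}

# Print the PIDs whose user namespace differs from PID 1's (the initial one).
# Processes whose ns link cannot be read (not root) are skipped.
procs_in_userns() {
    init_ns=$(readlink "$PROC_ROOT/1/ns/user" 2>/dev/null) || return 2
    for d in "$PROC_ROOT"/[0-9]*; do
        ns=$(readlink "$d/ns/user" 2>/dev/null) || continue
        [ "$ns" = "$init_ns" ] || echo "${d##*/}"
    done
}

# Exit status: 0 = mitigated, 1 = knob still 1, 2 = knob 0 but processes
# remain in a user namespace (restart them or reboot), 3 = cannot tell.
userns_audit() {
    state=$(userns_clone_state)
    case "$state" in
        0) ;;
        1) echo "WEAK: unprivileged user namespaces are enabled"; return 1 ;;
        *) echo "UNKNOWN: knob not present on this kernel"; return 3 ;;
    esac
    left=$(procs_in_userns) || {
        echo "UNKNOWN: cannot read PID 1's namespace (run as root)"; return 3; }
    if [ -n "$left" ]; then
        echo "PARTIAL: knob is 0, but these PIDs are still in a user namespace:" $left
        return 2
    fi
    echo "OK: knob is 0 and no process is in a non-initial user namespace"
}

# Run the audit only when asked, so the file can also be sourced.
if [ "${1:-}" = "--audit" ]; then userns_audit; fi
```

A PARTIAL result does not by itself mean compromise: sandboxed browsers and container runtimes legitimately create user namespaces, so review the listed PIDs before restarting them.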
Re: Nasty Linux kernel bug found and fixed
If I am reading this correctly, the fix is in 5.4.0-96 which rolled out this past week.
linux (5.4.0-96.109) focal
  * CVE-2022-0185
    - SAUCE: vfs: Out-of-bounds write of heap buffer in fs_context.c
    - SAUCE: vfs: test that one given mount param is not larger than PAGE_SIZE
I believe the other supported kernels had updates at approximately the same time, so I expect they also have the patch.
A woman typing on a laptop with LM20.3 Cinnamon.