Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Linux Kernel 64bit ABI System Call Parameter Sign Extension Security Issue
A security issue has been reported in the Linux Kernel, which can be exploited by malicious, local users to potentially cause a DoS (Denial of Service) or gain escalated privileges.
The security issue is caused due to the kernel accepting certain 32bit parameters passed in a 64bit register from userspace without ensuring that the value is correctly sign extended. This may be exploited to crash a system or potentially gain escalated privileges by passing specially crafted parameters to affected system calls.
Reportedly, the following architectures use a vulnerable ABI system when running a 64bit kernel and a 64bit userspace:
Linux Kernel dell_rbu Denial of Service Security Issues
Two security issues have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The security issues are caused due to errors within the "read_rbu_image_type()" and "read_rbu_packet_size()" functions in drivers/firmware/dell_rbu.c and can be exploited to crash a vulnerable system by e.g. reading zero bytes from /sys/devices/platform/dell_rbu/image_type or /sys/devices/platform/dell_rbu/packet_size.
Update to version 18.104.22.168 or 22.214.171.124.
Some vulnerabilities have been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service).
1) A vulnerability is caused due to an error within the "make_indexed_dir()" function in fs/ext3/namei.c, which can be exploited to e.g. crash a system via a specially crafted Ext3 system.
2) A vulnerability is caused due to an error within the "inotify_read()" function in fs/notify/inotify/inotify_user.c, which can result in the device's list mutex being unlocked twice. This can be exploited to e.g. cause a system crash by passing an invalid pointer to the "read()" function of an inotify instance while simultaneously accessing it from different tasks.
The vulnerabilities are reported in versions prior to 126.96.36.199 and 188.8.131.52. Other versions may also be affected.
Update to version 184.108.40.206 and 220.127.116.11.
Linux Kernel 64 Bit ABI System Call Parameter Privilege Escalation Vulnerability
The Linux Kernel is prone to a local privilege-escalation vulnerability.
A local attacker may be able to exploit this issue to read or write to unintended address spaces. This may result in denial-of-service conditions, the disclosure of sensitive information, or privilege escalation.
This issue affects versions prior to Linux 18.104.22.168 on some 64-bit architectures, including s390, PowerPC, SPARC64, and MIPS. Additional architectures may also be affected.
Linux Kernel SysKonnect FDDI Driver Statistics Reset Security Bypass
A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to bypass certain security restrictions.
The weakness is caused due to a logic error within the "skfp_ioctl()" function in drivers/net/skfp/skfddi.c, which can be exploited to reset the driver statistics without having CAP_NET_ADMIN capabilities.
The weakness is reported in versions prior to 22.214.171.124 and 126.96.36.199.