A Google data centre in Oklahoma. Image credit: Google
Some distributions of Linux are vulnerable to three fifteen-year-old vulnerabilities that have only recently been discovered and patched, researches say.
The bugs were introduced in 2006, but were recently discovered by security firm Grimm, which said they had been found in a “forgotten corner of the mainline Linux kernel“.
“Unlike most things that we find gathering dust, these bugs turned out to still be good, and one turned out to be useable as a Local Privilege Escalation (LPE) in multiple Linux environments,” wrote Grimm researcher Adam Nichols in an advisory.
The three bugs are identified as CVE-2021-27365, CVE-2021-27363 and CVE-2021-27364.
The most serious of the three, CVE-2021-27365, has a high 7.8 risk level and can be used by a local attacker with basic access privileges to obtain root privileges by triggering a heap buffer overflow, Nichols said.
The flaw was introduced when the iSCSI subsystem was first being developed, he said.
“The vulnerability is triggered by setting an iSCSI string attribute to a value larger than one page, and then trying to read it,” he wrote.
While the bug itself requires local access to exploit, it can be used in combination with remotely exploitable bugs to pose more of a danger to Linux systems.
SCSI and iSCSI are used to handle venerable types of storage systems, but the drivers in question can be loaded by default on some distributions, or attackers can cause them to load, Nichols said.
“The presence of loaded kernel modules relating to the iSCSI subsystem on machines that don’t have attached iSCSI devices is a potential indicator of compromise,” he wrote.
The second most-serious bug, CVE-2021-27364, can cause an information leak or a denial-of-service. Nichols said Grimm has developed a proof-of-concept exploit for both of these flaws.
The third issue could allow an information leak only, making it less serious.
Nichols said old flaws can pose a threat to modern Linux systems because of the way Linux is designed to support older hardware.
“The bottom line is that this is still a real problem area for the Linux kernel because of the tension between compatibility and security,” he wrote.
“Administrators and operators need to understand the risks, their defensive options, and how to apply those options in order to effectively protect their systems.”
The company has provided information in its advisory on how to identify whether a given distribution is vulnerable.
However, patches became available in the mainline Linux kernel earlier this month, and systems using those updated kernels are not susceptible to these attacks.
Ouch. Italian prosecutors to drop tax case against Google, after tech giant agreed to pay…
High Court in the UK rules that Chinese owner must sell stake in Scottish chip…
Workers at Amazon warehouse near Raleigh vote against joining union, as company continues to challenge…
High-profile meeting with tech leaders seen as signal China is boosting tech sector after years…
South Korea hopes to gain leg up in international AI race with infusion of private…
Chinese electric vehicle giants rush to incorporate DeepSeek AI tech to cars after it creates…