Linux Vulnerable To Fifteen-Year-Old Security Bugs

Some distributions of Linux are vulnerable to three fifteen-year-old vulnerabilities that have only recently been discovered and patched, researches say.

The bugs were introduced in 2006, but were recently discovered by security firm Grimm, which said they had been found in a “forgotten corner of the mainline Linux kernel“.

“Unlike most things that we find gathering dust, these bugs turned out to still be good, and one turned out to be useable as a Local Privilege Escalation (LPE) in multiple Linux environments,” wrote Grimm researcher Adam Nichols in an advisory.

Root privileges

The three bugs are identified as CVE-2021-27365, CVE-2021-27363 and CVE-2021-27364.

The most serious of the three, CVE-2021-27365, has a high 7.8 risk level and can be used by a local attacker with basic access privileges to obtain root privileges by triggering a heap buffer overflow, Nichols said.

The flaw was introduced when the iSCSI subsystem was first being developed, he said.

“The vulnerability is triggered by setting an iSCSI string attribute to a value larger than one page, and then trying to read it,” he wrote.

While the bug itself requires local access to exploit, it can be used in combination with remotely exploitable bugs to pose more of a danger to Linux systems.

SCSI and iSCSI are used to handle venerable types of storage systems, but the drivers in question can be loaded by default on some distributions, or attackers can cause them to load, Nichols said.

Compatibility vs. security

“The presence of loaded kernel modules relating to the iSCSI subsystem on machines that don’t have attached iSCSI devices is a potential indicator of compromise,” he wrote.

The second most-serious bug, CVE-2021-27364, can cause an information leak or a denial-of-service. Nichols said Grimm has developed a proof-of-concept exploit for both of these flaws.

The third issue could allow an information leak only, making it less serious.

Nichols said old flaws can pose a threat to modern Linux systems because of the way Linux is designed to support older hardware.

“The bottom line is that this is still a real problem area for the Linux kernel because of the tension between compatibility and security,” he wrote.

Kernel update

“Administrators and operators need to understand the risks, their defensive options, and how to apply those options in order to effectively protect their systems.”

The company has provided information in its advisory on how to identify whether a given distribution is vulnerable.

However, patches became available in the mainline Linux kernel earlier this month, and systems using those updated kernels are not susceptible to these attacks.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

WeChat Fixes Content ‘Glitch’ Amidst Regulatory Pressure

Tencent fixes 'loophole' that allowed Bing and Google to temporarily display WeChat results, as China…

4 hours ago

REvil Hacking Gang Forced Offline In Multi-Country Operation

Law enforcement and intelligence agencies in the US and partner countries hack REvil's infrastructure and…

4 hours ago

Snap Shares Slump On Apple Privacy Disruption

Shares in Snapchat developer Snap drop after it projects prolonged slump in ad revenues from…

5 hours ago

Italy ‘Negotiating With Intel’ Over 4bn Euro Chip Plant

Italy reportedly preparing offer to Intel over plans for 4bn advanced microprocessor packaging plant, part…

5 hours ago

Robot Artist Freed By Egyptian Customs After Spy Detention

Ai-Da, a robot that uses artificial intelligence to create art, was detained by Egyptian customs…

6 hours ago

Amazon Faces Fresh Union Drive In New York City

More than 2,000 Amazon warehouse workers in New York City sign union cards, as company…

6 hours ago