Threat Level: green Handler on Duty: Yee Ching Tok

SANS ISC: And *another* 0-day Linux kernel vulnerability SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
And *another* 0-day Linux kernel vulnerability
And if we didn't have enough for this weekend, an exploit for another Linux kernel privilege escalation vulnerability has been posted.

The exploit seems to be working on all 2.6.x kernels and is not related to the previous exploit we've written about.

From limited testing we've done so far, SELinux is blocking this exploit successfully, so the exploit didn't work on RedHat Enterprise Linux 4 machines we've tested this on.

Also, the published exploit depends on the a.out support in the kernel (the CONFIG_BINFMT_AOUT has to be set), but the vulnerability can be exploited no matter if a.out is supported or not.

I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS Amsterdam November 2021

Bojan

400 Posts
ISC Handler
Jul 15th 2006

Sign Up for Free or Log In to start participating in the conversation!