Privilege escalation in Linux kernel

Published: 2017-08-07 16:21:48
Severity: Medium
Patch available: YES
Number of vulnerabilities: 1
CVSSv2: 6.3 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C)
CVSSv3: 8.3 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE ID: CVE-2017-7533
CWE ID: CWE-362
Exploitation vector: Local
Public exploit: This vulnerability is being exploited in the wild.
Vulnerable software: Linux kernel
Vulnerable software versions: Linux kernel 4.12.1, Linux kernel 4.12.2, Linux kernel 4.12.3, Linux kernel 4.12.4
Vendor URL: Linux Foundation
Advisory type: Public

Security Advisory

1) Race condition

Description

The vulnerability allows a local user to execute arbitrary code with escalated privileges.

The vulnerability exists due to a race condition in the fsnotify implementation in the Linux kernel through 4.12.4. A local user can create an application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions to trigger memory corruption, resulting in a denial of service or execution of arbitrary code on the target system with root privileges.

Successful exploitation of this vulnerability may allow a local user to obtain elevated privileges on the system.

Note: this vulnerability is being actively exploited in the wild on 32-bit systems as of August 2017.

Remediation

Install the update from the vendor's repository.

External links

http://openwall.com/lists/oss-security/2017/08/03/2
https://bugzilla.redhat.com/show_bug.cgi?id=1468283
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1408967.html
https://patchwork.kernel.org/patch/9755753/
https://patchwork.kernel.org/patch/9755757/
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=49d31c2f389acfe8341708...
