‘Sequoia’ – Linux kernel vulnerability that affects most of your installations and allows you to gain root privileges

The analysis crew of the cybersecurity firm Qualys has found a vulnerability within the Linux kernel that impacts, as we speak, most installations of the GNU / Linux working system.

Actually, researchers have been capable of confirm its presence in default installations of such fashionable (and trendy) distros akin to Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11 and Fedora 34 Workstation.

“Different Linux distributions are definitely weak and possibly exploitable.”

As quickly as Qualys confirmed the issue (virtually a month and a half in the past), contacted the kernel builders to deliver it to their information in order that they may patch it earlier than it grew to become extensively identified.

Due to this fact, its publication as we speak (this Text file decide up an in depth clarification of how the exploit works, produced by Qualys) has been the results of an settlement with the builders.

What are the results of this vulnerability?

This vulnerability, baptized as CVE-2021-33909 Y apodada ‘Sequoia’, permits any consumer to use the default settings to carry out an area elevation of privilege – that’s, that an unprivileged consumer can get root privileges—.

The issue lies with the kernel layer chargeable for managing the file system (that’s, how the information of the system and of the consumer are saved); particularly, it’s associated to the interface seq_file, chargeable for producing the digital information that include sequences of information.

Based on the researchers, so far as they know, the vulnerability was integrated into the kernel 7 years in the past now, in model 3.16 of the identical, as a part of the commit 058504ed out of your repository.

It was not the one vulnerability detected

However this has not been the one main Linux vulnerability found in latest months by Qualys: on the identical time that they reported the existence of Sequoia, they did so with one other one baptized as CVE-2021-33910.

This impacts systemd (a software program package deal chargeable for beginning all different Linux elements after booting) and leaves the system weak to a ‘kernel panic’. This second vulnerability has been current on this instrument since April 2015.

By way of | Qualys

Be the first to comment

Leave a Reply

Your email address will not be published.