Linux security systems have a rather damaging safety flaw
Admins urged to patch Linux systems immediately
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Red Hat has released a patch for a recently discovered vulnerability that allowed for local privilege escalation, putting all manner of Linux systems potentially at risk.
As explained in the advisory, the vulnerability, tracked as CVE-2022-27666, was discovered in IPSec’s Encapsulating Security Payload (esp6) crypto module or, in other words, a basic heap overflow vulnerability.
The flaw was discovered by one Xiaochen Zou - a graduate student at the University of California, Riverside. He explained how “the basic logic of this vulnerability is that the receiving buffer of a user message in esp6 module is an 8-page buffer, but the sender can send a message larger than 8 pages, which clearly creates a buffer overflow.”
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time. Thank you for taking part.
Click here to start the survey in a new window«
Crashing the system
In Red Hat’s advisory, the flaw was described as allowing a threat actor with normal user privilege to overwrite kernel heap objects, which may cause local privilege escalation.
The vulnerability was given a severity score of 7.8.
Red Hat has also warned admins that on Linux systems already using IPsec and having IPSec Security Associations (SA) configured, a threat actor would need no additional privileges to exploit the vulnerability.
However, these are essential for the network security protocol, ZDNet claims, meaning “pretty much everyone with the vulnerable code” in theirLinux distrois a potential target.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
This major Linux security vulnerability has been fixed, so patch now>Linux devs fix nasty vulnerability dating back half a decade>These critical security bugs put Linux servers at risk of attack
According to Xiaochen, the newest Ubuntu, Fedora, and Debian Linux distros are all vulnerable, as well as Red Hat Enterprise Linux (RHEL) 8. This flaw can bring a Linux system offline, it was said.
The same patch also addresses CVE-2022-1055, a use-after-free vulnerability that was found in the network traffic control implementation, which can also crash a vulnerable system. It can also be used to gain elevated privileges, and was described as “high priority” for patching.
Given that the two vulnerabilities allow for privilege escalation and could be used for denial of service attacks, administrators are urged to patch up theirendpointsas soon as possible.
Via:ZDNet
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
HPE reveals critical security bug affecting networking access points
A critical Palo Alto Networks bug is being hit by cyberattacks, so patch now
Scammers are using fake copyright infringement claims to hack businesses
