This could be a great time to patch your Linux kernel

Patch to address significant security bug has been released


Cybersecurity researchers have helped fix a critical heap-overflow security vulnerability in the Linux kernel that could be exploited either locally or through remote code execution (RCE) to compromise vulnerable Linux computers.

Discovered by SentinelLabs’ researcher Max Van Amerongen, the vulnerability tracked as CVE-2021-43267 exists in the Transparent Inter Process Communication (TIPC) module of the kernel, specifically in a message type that allows nodes to send cryptographic keys to each other.

“This vulnerability can be exploited both locally and remotely. While local exploitation is easier due to greater control over the objects allocated in the kernel heap, remote exploitation can be achieved thanks to the structures that TIPC supports,” notes Amerongen.

Since the affected message type is relatively new, the bug only exists in kernel releases between v5.10 and v5.15.

Caught within a year

The researcher explains that the vulnerable message type, called MSG_CRYPTO, was introduced in September 2020, for exchanging cryptographic keys.

However, Amerongen discovered that while the message type made various allocations for transferring the keys, it failed to check and validate some of them.

This oversight could, for instance, enable an attacker to create a packet with a small body size to first allocate heap memory, and then use an arbitrary size in an unchecked attribute to write outside the bounds of this location, explains Amerongen.


Perhaps the one saving grace that has ensured that the vulnerability hasn’t been exploited in the wild is that while the TIPC module comes with all major Linux distros, it’s not enabled by default, and it must be enabled for attackers to exploit the flaw.

In any case, a patch has been released that adds appropriate size-verification checks to the process, and it has already been added to the mainline Linux 5.15 Long Term Support (LTS) release.
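As an added illustration (not kernel code, and not from the researcher or this article), the following C parser shows the kind of size-verification check described above: the allocation is sized from one length field and the copy from another, so the inner length must be proven to fit before anything is copied. The message layout, the field names and the MAX_BODY limit are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed, simplified layout (NOT the real TIPC wire format):
 *   bytes 0..3  body_len (big-endian): length of everything after the header
 *   bytes 4..7  keylen   (big-endian): length of the key bytes that follow
 *   bytes 8..   key bytes */
#define HDR_LEN    4u
#define KEYLEN_FLD 4u
#define MAX_BODY   4096u /* assumed upper bound for this example */

static uint32_t rd32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Returns a heap copy of the key record (caller frees), or NULL if malformed. */
uint8_t *parse_key_msg(const uint8_t *pkt, size_t pkt_len, uint32_t *keylen_out)
{
    if (pkt_len < HDR_LEN + KEYLEN_FLD)
        return NULL; /* too short to hold both length fields */
    uint32_t body_len = rd32(pkt);
    if (body_len != pkt_len - HDR_LEN || body_len > MAX_BODY)
        return NULL; /* declared body must match the bytes received */
    uint32_t keylen = rd32(pkt + HDR_LEN);
    /* Size verification: the inner length must fit inside the body that
     * sizes the allocation. Subtraction form cannot wrap (body_len >= 4). */
    if (keylen > body_len - KEYLEN_FLD)
        return NULL;
    uint8_t *rec = calloc(1, body_len); /* allocation sized from body_len */
    if (!rec)
        return NULL;
    memcpy(rec, pkt + HDR_LEN, KEYLEN_FLD + keylen); /* copy sized from keylen */
    *keylen_out = keylen;
    return rec;
}

int main(void)
{
    /* Constructed packet: 8-byte body that claims a 65535-byte key. */
    const uint8_t bad[] = {0, 0, 0, 8, 0, 0, 0xff, 0xff, 1, 2, 3, 4};
    uint32_t kl = 0;
    uint8_t *rec = parse_key_msg(bad, sizeof bad, &kl);
    printf("oversized keylen %s\n", rec ? "accepted" : "rejected");
    free(rec);
    return 0;
}
```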

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
