Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/load.php on line 2057

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/functions.php on line 6114
Linux secure networking security bug found and fixed - Best Business Review Site 2024

Linux secure networking security bug found and fixed

[ad_1]

Nothing is quite as vexing as a security hole in a security program. Xiaochen Zou, a graduate student at the University of California, Riverside, went looking for bugs in Linux and found a whopper. This vulnerability, CVE-2022-27666, in IPSec‘s esp6 (Encapsulating Security Payload) crypto module can be abused for local privilege escalation.

The problem is your basic heap overflow hole. Xiaochen explained that  “the basic logic of this vulnerability is that the receiving buffer of a user message in esp6 module is an 8-page buffer, but the sender can send a message larger than 8 pages, which clearly creates a buffer overflow.” Yes, yes it will. 

As buffer overflows always are, this is bad news. As Red Hat puts it in its security advisory on the bug, “This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.” 

This is bad enough that both Red Hat and the National Institute of Standards and Technologies (NIST) give the hole a high Common Vulnerability Scoring System (CVSS) score of 7.8. Or, as I like to call vulnerabilities with such high scores, it’s a “Fix it now!” bug.

Also: Linux developers patch security holes faster than anyone else, says Google Project Zero

Red Hat also noted that if a Linux system is already using IPsec and has IPSec Security Associations (SA) configured, then no additional privileges are needed to exploit the hole. Since almost everyone uses IPSec and SAs are essential for the network security protocol, this means pretty much everyone with the vulnerable code in their Linux distro is open to attack. 

Xiaochen has found that the latest Ubuntu, Fedora, and Debian Linux distros can be hacked with it. Red Hat reports that Red Hat Enterprise Linux (RHEL) 8 is vulnerable. Specifically, if your Linux contains a 2017 esp6 crypto module, which contains the commits cac2661c53f3 and 03e2a30f6a27, it’s attackable.  

Usually, such an attack can knock a Linux system offline. Xiaochen dug into it deeper and found more. On his hunt, he found a way to get around Kernel Address-space Layout Randomization (KASLR). KASLR, as the name says, makes it harder to exploit memory vulnerabilities by placing processes at random, rather than fixed, memory addresses.

Also: Nasty Linux netfilter firewall security hole found

Then, after hanging the process, an attacker can use Filesystem in User Space (FUSE) to create his own filesystem and map memory on it. Consequently, all the read and write going through that memory will be handled by his own file system. Once that’s done, it’s relatively trivial to get root in the system. And, as we all know, once the attacker has root, it’s game over. The attacker’s now in charge of the computer. 

The good news is the fix is now available on UbuntuDebian, the Linux kernel, and most other distros. Now get patching!

[ad_2]

Source link

slot gacor slot gacor togel macau slot hoki bandar togel slot dana slot mahjong link slot link slot777 slot gampang maxwin slot hoki slot mahjong slot maxwin slot mpo slot777 slot toto slot toto situs toto toto slot situs toto situs toto situs toto situs toto slot88 toto slot slot gacor thailand slot bet receh situs toto situs toto slot toto slot situs toto situs toto situs toto situs togel macau toto slot slot demo slot pulsa slot pragmatic situs toto deposit dana 10k surga slot toto slot link situs toto situs toto slot situs toto situs toto slot777 slot gacor situs toto slot slot pulsa 10k toto togel situs toto slot situs toto slot gacor terpercaya slot dana slot gacor pay4d agen sbobet kedai168 kedai168 deposit pulsa situs toto slot pulsa situs toto slot pulsa situs toto situs toto situs toto slot dana toto slot situs toto slot pulsa toto slot situs toto slot pulsa situs toto situs toto situs toto toto slot toto slot slot toto akun pro maxwin situs toto slot gacor maxwin slot gacor maxwin situs toto slot slot depo 10k toto slot toto slot situs toto situs toto toto slot toto slot toto slot toto togel slot toto togel situs toto situs toto toto slot slot gacor slot gacor slot gacor situs toto situs toto cytotec toto slot situs toto situs toto toto slot situs toto situs toto slot gacor maxwin slot gacor maxwin link slot 10k slot gacor maxwin slot gacor slot pulsa situs slot 10k slot 10k toto slot toto slot situs toto situs toto situs toto bandar togel 4d toto slot toto slot situs toto toto slot