acm-header
Sign In

Communications of the ACM

ACM TechNews

High Severity Linux Network Security Holes Found, Fixed


View as: Print Mobile App Share:
Artist's representation of a security hole as a hole in a padlock.

An analyst for enterprise security solution provider Positive Technologies identified (and patched) five high-severity security vulnerabilities in the Linux kernel's virtual socket implementation.

Credit: channelfutures.com

Positive Technologies' Alexander Popov detected five high-severity security vulnerabilities in the Linux kernel's virtual socket implementation that could be used to gain root access and launch a Denial of Service attack.

The vulnerabilities (CVE-2021-26708) were found in Red Hat's community Linux distribution Fedora 33 Server but exist in the system using the Linux kernel from version 5.5 to the current mainline kernel version 5.11-rc6.

The security holes were created with the addition of virtual socket multi-transport support, and users running virtual machines on the cloud are particularly vulnerable.

Said Popov, "I successfully developed a prototype exploit for local privilege escalation on Fedora 33 Server, bypassing x86_64 platform protections such as SMEP and SMAP. This research will lead to new ideas on how to improve Linux kernel security."

Popov also created patches for the vulnerabilities, which have been accepted into Linux 5.10.13.

From ZDNet
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account