According to researchers, this local privilege escalation (LPE) bug exists in the file system layer, which is used by all major Linux operating systems and helps manage user data.
The flaw, called “Sequoia” and tracked as CVE-2021-33909, was discovered in June by researchers at cybersecurity firm Qualys.
They said in a blog post that an unprivileged local attacker could exploit CVE-2021-33909 by creating, mounting, and deleting deep directory structures with a total path length of more than 1 GB.
Bharat Jogi, Senior Manager of Qualys Vulnerability and Signature, said:
Researchers said they were able to develop an exploit for this vulnerability and used it to gain full root privileges on default installations of Debian 11, Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04 and Fedora 34 Workstation.
Separately, Qualys researchers also disclosed a stack exhaustion denial-of-service (DoS) bug in systemd (the system and service manager) that an unprivileged attacker could exploit to cause a kernel panic.
systemd is a software suite available on most Linux operating systems and is used to start all other system components after boot.
This vulnerability, tracked as CVE-2021-33910, was introduced in systemd v220 in April 2015 and affects all systemd versions released since then. According to researchers, exploiting this bug requires a local attacker who is able to mount a file system on a long path.
Qualys notified Red Hat Product Security of the two flaws in early June, and Red Hat sent a patch to the linux-distros@openwall mailing list earlier this month. Red Hat has also released a vulnerability detection script to determine whether your machine is currently vulnerable.
Users running affected versions of Red Hat products are encouraged to apply the available patches as soon as possible. At the time of writing, patches for Ubuntu-based systems were not available. Details of these two bugs come about a month after security researchers discovered a seven-year-old vulnerability in some Linux distributions that allows unprivileged local users to bypass authentication and gain root access.
That bug exists in the polkit system service and was patched last month. In 2017, Positive Technologies researcher Alexander Popov discovered an old flaw in the Linux kernel that had been introduced in the code in 2009.
Another old Linux security flaw, the “Dirty COW” zero-day, was introduced in 2007 and patched in 2016. It was used in many attacks before the patch was applied.