Five high-severity vulnerabilities identified in Linux kernel: Patch them now

Alexander Popov, a cybersecurity specialist, reported at least five security vulnerabilities in the Linux kernel's virtual socket implementation. According to his report, successful exploitation of these flaws would allow local privilege escalation on affected systems.

As you may remember, privilege escalation consists of exploiting a security error, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that would normally be restricted.

This set of flaws is tracked as CVE-2021-26708 and received a score of 7.7/10 on the Common Vulnerability Scoring System (CVSS) scale, so it is considered high severity.

Popov mentions that these flaws are the result of a set of race conditions implicitly added with virtual socket transport support: “The flaws appeared with the release of Linux kernel version 5.5, available since November 2019.”

The vulnerable kernel drivers (CONFIG_VSOCKETS and CONFIG_VIRTIO_VSOCKETS) are shipped as kernel modules on all major GNU/Linux distributions. In addition, the vulnerable modules are loaded automatically when an AF_VSOCK socket is created, a capability that is available to users without administrator privileges.

In his report, the expert claims to have successfully developed an exploit that performs a local privilege escalation on Fedora 33 Server, bypassing security mechanisms on the x86_64 platform such as SMEP and SMAP: “This research will help developers adopt new ideas for improving security in the Linux kernel,” Popov adds.

Popov’s research includes a number of security patches correcting these flaws, in addition to the responsible disclosure to the Linux security team. These fixes will be available with version 5.11-rc7 of the mainline kernel as soon as possible, so it is recommended that administrators of affected deployments wait for the official Linux announcement.
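The following shell script is an added example, not part of Popov's report or of the original article. It checks a kernel release string against the window described above (5.5 up to the 5.11-rc7 fix) and lists loaded vsock modules from `/proc/modules`-format input; the module-name match and the sample data are assumptions, and a distribution kernel with backported fixes will still report an in-window version.

```shell
#!/bin/sh
# Added example (not from the article): triage a host for CVE-2021-26708 exposure.

# Return 0 if a `uname -r` string lies in the window the article gives: 5.5
# (flaws introduced) up to the 5.11-rc7 fix. Heuristic only: distribution
# kernels backport fixes without changing this number.
in_affected_window() {
    case $1 in
        [0-9]*.[0-9]*) ;;
        *) return 2 ;;                                     # not a release string
    esac
    case $1 in
        5.11.0-rc[1-6]|5.11.0-rc[1-6][!0-9]*) return 0 ;;  # pre-fix release candidates
    esac
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%[!0-9]*}
    [ "$major" -eq 5 ] && [ "$minor" -ge 5 ] && [ "$minor" -le 10 ]
}

# Print vsock-related module names from /proc/modules-format text on stdin.
# Assumption: mainline module naming, where every relevant name contains "vsock".
loaded_vsock_modules() {
    awk '$1 ~ /vsock/ { print $1 }'
}

# Constructed sample in /proc/modules format, used by --demo.
sample_modules() {
    printf '%s\n' \
        'vmw_vsock_virtio_transport_common 40960 1 vmw_vsock_virtio_transport, Live 0x0000000000000000' \
        'vsock 49152 2 vmw_vsock_virtio_transport_common, Live 0x0000000000000000' \
        'ext4 806912 1 - Live 0x0000000000000000'
}

# Classify a host: kernel release as $1, module list on stdin.
assess() {
    in_affected_window "$1" || { echo "outside-window"; return 0; }
    mods=$(loaded_vsock_modules | tr '\n' ' ')
    if [ -n "$mods" ]; then
        echo "in-window-loaded: ${mods% }"
    else
        # The modules autoload when any user creates an AF_VSOCK socket,
        # so "not loaded" does not mean "not exposed".
        echo "in-window-loadable"
    fi
}

case ${1:-} in
    --live) assess "$(uname -r)" < /proc/modules ;;
    --demo) sample_modules | assess 5.8.0-43-generic ;;
esac
```

An `in-window` result means the vendor's advisory for that exact kernel package still needs to be checked, since the version number alone cannot show whether the fix was backported.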
