Wednesday February 22, 2017

Another Linux Kernel Vulnerability Leading To Local Root From Unprivileged Processes

How about that. In a world where Microsoft puts off a patch Tuesday in February with known 0-day exploits in the wild, a new Linux exploit has been discovered, and fixed in Git a week before it was announced giving distribution managers time to patch it in their repositories. You have to love efficiency.

This must have been why I got a new kernel on my Ubuntu server install and Linux Mint desktop yesterday.

News Image

This local root vulnerability is present in Linux kernel releases going back at least to 2006 but potentially to 2005 when the code was first introduced. It affects kernel builds with CONFIG_IP_DCCP, which is the case for many distribution kernels. Checking my Fedora 25 kernel right now, it's enabled. DCCP in this context is short for the Datagram Congestion Control Protocol.