It’s been around since 2012 but the vulnerability was discovered only recently. For almost 4 years, millions of servers & other devices running on Linux may have been vulnerable to attacks that allowed an unprivileged app or user to gain nearly root access. The flaw was discovered by Online security firm Perception Point.
In a blog post, the agency said this vulnerability had implications for approximately tens of millions of Linux PCs & servers, and 66% of all Android devices. While neither PP nor the Kernel security team to whom it was reported, had observed any exploit targeting this vulnerability in the wild, both have recommend that security teams examine potentially affected devices & implement patches as soon as possible.
The flaw was introduced into the Linux kernel in version 3.8 & resides in the OS keyring. The facility allows apps to store encryption keys, authentication tokens, & other sensitive security data inside the kernel while remaining in a form that can’t be accessed by other apps. To demonstrate the risk the bug posed, the researchers also developed a proof-of-concept exploit that replaces a keyring object stored in memory with code that’s executed by the kernel.
To get into the details of this latest bug, click here.
Image Credit: Perception Point