Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution

Discussion in 'all things UNIX' started by mood, May 13, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,850
    Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
    May 13, 2019
    https://www.bleepingcomputer.com/ne...r-to-508-vulnerable-to-remote-code-execution/
     
  2. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    396
    I'm curious, what prevents this vulnerability from being exploited? Does Firejail prevent it? AppArmor? SELinux?

    Or is patching the only solution?
     
  3. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    Kernel exploits usually cannot be stopped by security software.
    However, this exploit is not much of an issue:
    1 It was patched already in March for older kernels (the newest kernel is not vulnerable)
    2 It is a difficult exploit to pull off, so home users need not worry
    3 No actual cases in the wild have been reported.
     
  4. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    868
    Location:
    Member state of European Union
    Seccomp may prevent locally running programs from exploiting some kernel vulnerabilities by restricting access to some kernel syscalls. This is not the case for remote kernel code execution, though.

    But a lot of distributions were not patched at time of CVE announcement.
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,850
    https://blogs.quickheal.com/cve-201...vilege-escalation-vulnerability-linux-kernel/
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.