Friday, April 26, 2024

Google Project Zero Disclosed PoC & Exploit for Serious Linux Kernel Vulnerability

By Balaji

Google Project Zero researcher disclose the exploit and PoC(Proof of concept) for a serious Linux Kernel Vulnerability that affected Linux kernel version 3.16.

This bug was reported on earlier of this month by Google under 90-day disclosure deadline which allows an attacker could take over the complete control of the affected Linux system.

Google Project Zero’s young Security Expert Jann Horn discovered this serious cache invalidation vulnerability in Linux memory management.

The flaw (CVE-2018-17182), which exists in Linux memory management in kernel versions 3.16 through 4.18.8, can be exploited in many different ways, “even from relatively strongly sandboxed contexts,”

Linux Kernel Vulnerability & Exploitation

According to Jann , “Fundamentally, this bug can be triggered by any process that can run for a sufficiently long time to overflow the reference counter (about an hour if MAP_FIXED is usable) and has the ability to use mmap()/munmap() (to manage memory mappings) and clone() (to create a thread),”.

This bug mainly related to the Kernel’s virtual memory area(VMA) and caches that handling of kernel crashes is a tradeoff between availability, reliability, and security.

In this case, an attacker attempting to exploit a kernel bug might benefit from the ability to retry an attack multiple times without triggering system reboots  & read the crash log produced by the first attempt of the attack which will be used for the second sophisticated attacks.

“The bug was fixed by changing the [VMA] sequence numbers to 64 bits, thereby making an overflow infeasible and removing the overflow handling logic,”

Released Exploited described how much impact the kernel configuration can have on how easy it is to write an exploit for a kernel bug.

PoC (Proof-of-concept) was released on September 12 to the Linux kernel development  team and they fixed after 3 days.

The researcher warns that threat actors already developed the exploit for the vulnerability and the Linux distributions developers don’t publish kernel updates more often that very dangerous to the user who can easily vitimized.

Debian stable and Ubuntu releases 16.04 and 18.04 have not yet patched the vulnerability – and Android users remain at risk.

Related Read

New Xbash Malware Attack on Linux & Windows with Botnet, Ransomware & Coinminer Capabilities

Building a Hacking Kit with Raspberry Pi and Kali Linux

Gentoo Linux GitHub Account Hacked, Attackers Modified Repositories

Managed WAF Protection

Website

Latest articles

CVE/vulnerability

Hackers Exploit Old Microsoft Office 0-day to Deliver Cobalt Strike

Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt...
Cyber Attack

Microsoft Publicly Releases MS-DOS 4.0 Source Code

In a historic move, Microsoft has made the source code for MS-DOS 4.0, one...
Cyber Attack

New SSLoad Malware Combined With Tools Hijacking Entire Network Domain

A new attack campaign has been discovered to be employed by the FROZEN#SHADOW, which...
Cyber Security News

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls

Palo Alto Networks has issued urgent remediation advice after discovering a critical vulnerability, designated...
cyber security

Analyze Malicious Powershell Scripts by Running Malware in ANY.RUN Sandbox

Hackers exploit PowerShell, a built-in scripting tool on Windows (and sometimes Linux), to launch...
cyber security

Beware! Zero-click RCE Exploit for iMessage Circulating on Hacker Forums

A new cybersecurity threat has emerged as a zero-click remote code execution (RCE) exploit...
Cyber Attack

New DragonForce Ransomware Emerged From The Leaked LOCKBIT Builder

Hackers exploit LOCKBIT Builder due to its versatility in creating customized ransomware payloads which...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

WAAP/WAF ROI Analysis

Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

    • Book Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

Email : [email protected]