Security News > 2021 > March > Serious Security: The Linux kernel bugs that surfaced after 15 years

Serious Security: The Linux kernel bugs that surfaced after 15 years
2021-03-17 20:20

Researchers at cybersecurity company GRIMM recently published an interesting trio of bugs they found in the Linux kernel.

Except, of course, that most Linux systems not only come with hundreds or even thousands of kernel modules in the /lib/modules directory tree, ready to use in case they are ever needed, but also come configured to allow suitably authorised apps to trigger the automatic loading of modules on demand.

If you have a vendor-modified kernel or an unofficial series kernel not on this list, consult your distro maker.

Extract kernel memory addresses in order to facilitate other attacks that need to know where kernel code is loaded in memory.

Modern kernels use what's called KASLR, short for kernel address space layout randomisation, specifically to stop unprivileged users from figuring out the exact internal layout of the kernel.

You can either build a static kernel with only the required modules compiled in, or create a kernel package for your servers with all unnecessary modules removed.


News URL

https://nakedsecurity.sophos.com/2021/03/17/serious-security-the-linux-kernel-bugs-that-surfaced-after-15-years/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2312 1489 67 3932
Kernel 3 0 8 4 1 13