Security News > 2021 > April > Linux Kernel Bug Opens Door to Wider Cyberattacks
An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices.
It contains /proc/[pid] subdirectories, each of which contains files and subdirectories exposing information about specific processes, readable by using the corresponding process ID. In the case of the "Syscall" file, it's a legitimate Linux operating system file that contains logs of system calls used by the kernel.
"We can see the output on any given Linux system whose kernel was configured with CONFIG HAVE ARCH TRACEHOOK," according to Cisco's bug report, publicly disclosed on Tuesday.
Cisco Talos researchers first discovered the issue on an Azure Sphere device, a 32-bit ARM device that runs a patched Linux kernel.
"Users are encouraged to update these affected products as soon as possible: Linux Kernel versions 5.10-rc4, 5.4.66 and 5.9.8," according to the advisory.
"Talos tested and confirmed these versions of the Linux kernel could be exploited by this vulnerability."
News URL
https://threatpost.com/linux-kernel-bug-wider-cyberattacks/165640/
Related news
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- Mixing Rust and C in Linux likened to cancer by kernel maintainer (source)
- 'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters (source)
- Linux royalty backs adoption of Rust for kernel code, says its rise is inevitable (source)