Linux Kernel Bug Opens Door to Wider Cyberattacks

2021-04-27 19:43

An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices.

It contains /proc/[pid] subdirectories, each of which contains files and subdirectories exposing information about specific processes, readable by using the corresponding process ID. In the case of the "Syscall" file, it's a legitimate Linux operating system file that contains logs of system calls used by the kernel.

"We can see the output on any given Linux system whose kernel was configured with CONFIG HAVE ARCH TRACEHOOK," according to Cisco's bug report, publicly disclosed on Tuesday.

Cisco Talos researchers first discovered the issue on an Azure Sphere device, a 32-bit ARM device that runs a patched Linux kernel.

"Users are encouraged to update these affected products as soon as possible: Linux Kernel versions 5.10-rc4, 5.4.66 and 5.9.8," according to the advisory.

"Talos tested and confirmed these versions of the Linux kernel could be exploited by this vulnerability."

News URL

https://threatpost.com/linux-kernel-bug-wider-cyberattacks/165640/

#cyberattack #kernel #linux

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Linux		17	395	2079	1387	667	4528
Kernel		4	2	9	5	0	16