Security News > 2021 > July > New Linux kernel bug lets you get root on most modern distros
Unprivileged attackers can gain root privileges by exploiting a local privilege escalation vulnerability in default configurations of the Linux Kernel's filesystem layer on vulnerable devices.
According to Qualys' research, the vulnerability impacts all Linux kernel versions released since 2014.
Once successfully exploited on a vulnerable system, the attackers get full root privileges on default installations of many modern distributions.
"We successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation," the researchers said.
Since the attack surface exposed by the Sequoia vulnerability reaches over a wide range of distros and releases, Linux users are urged to immediately apply patches released earlier today.
Systemd is a software suite included with most Linux operating systems used to start all other system components after booting.
News URL
Related news
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- Mixing Rust and C in Linux likened to cancer by kernel maintainer (source)
- 'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters (source)
- Linux royalty backs adoption of Rust for kernel code, says its rise is inevitable (source)
- Strap in, get ready for more Rust drivers in Linux kernel (source)