1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Linux security systems have a rather damaging safety flaw

    From TechnologyDaily@1337:1/100 to All on Fri Apr 1 15:00:04 2022
    Linux security systems have a rather damaging safety flaw

    Date:
    Fri, 01 Apr 2022 13:40:10 +0000

    Description:
    Flaw was found in IPSecs Encapsulating Security Payload (esp6) crypto module.

    FULL STORY ======================================================================

    Red Hat has released a patch for a recently discovered vulnerability that allowed for local privilege escalation, putting all manner of Linux systems potentially at risk.

    As explained in the advisory, the vulnerability, tracked as CVE-2022-27666, was discovered in IPSecs Encapsulating Security Payload (esp6) crypto module or, in other words, a basic heap overflow vulnerability.

    The flaw was discovered by one Xiaochen Zou - a graduate student at the University of California, Riverside. He explained how "the basic logic of
    this vulnerability is that the receiving buffer of a user message in esp6 module is an 8-page buffer, but the sender can send a message larger than 8 pages, which clearly creates a buffer overflow." TechRadar needs you!

    We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

    Click here to start the survey in a new window << Crashing the system

    In Red Hats advisory, the flaw was described as allowing a threat actor with normal user privilege to overwrite kernel heap objects, which may cause local privilege escalation.

    The vulnerability was given a severity score of 7.8.

    Red Hat has also warned admins that on Linux systems already using IPsec and having IPSec Security Associations (SA) configured, a threat actor would need no additional privileges to exploit the vulnerability.

    However, these are essential for the network security protocol, ZDNet claims, meaning pretty much everyone with the vulnerable code in their Linux distro
    is a potential target. Read more

    This major Linux security vulnerability has been fixed, so patch now


    Linux devs fix nasty vulnerability dating back half a decade


    These critical security bugs put Linux servers at risk of attack

    According to Xiaochen, the newest Ubuntu, Fedora, and Debian Linux distros
    are all vulnerable, as well as Red Hat Enterprise Linux (RHEL) 8. This flaw can bring a Linux system offline, it was said.

    The same patch also addresses CVE-2022-1055, a use-after-free vulnerability that was found in the network traffic control implementation, which can also crash a vulnerable system. It can also be used to gain elevated privileges, and was described as high priority for patching.

    Given that the two vulnerabilities allow for privilege escalation and could
    be used for denial of service attacks, administrators are urged to patch up their endpoints as soon as possible. To stay secure from threats, make sure you set up one of the best firewalls right now

    Via: ZDNet



    ======================================================================
    Link to news story: https://www.techradar.com/news/linux-security-systems-have-a-rather-damaging-s afety-flaw/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)