Skip to main content

​Serious Linux kernel security bug fixed

posted onOctober 3, 2017
by l33tdawg

Sometimes old fixed bugs come back to bite us. That's the case with CVE-2017-1000253, a Local Privilege Escalation Linux kernel bug.

This is a problem with how the Linux kernel loaded Executable and Linkable Format (ELF) executables. If an ELF application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack. This could cause memory corruption. Then, an otherwise unprivileged local user with access to a Set owner User ID (SUID) or otherwise privileged flawed PIE binary, could gain higher-level user privileges.

Source

You May Also Like

Recent News

Monday, February 19th

Thursday, February 15th

Tuesday, February 13th

Monday, February 12th

Sunday, February 11th

Saturday, February 10th