Skip to main content

​Serious Linux kernel security bug fixed

posted onOctober 3, 2017
by l33tdawg

Sometimes old fixed bugs come back to bite us. That's the case with CVE-2017-1000253, a Local Privilege Escalation Linux kernel bug.

This is a problem with how the Linux kernel loaded Executable and Linkable Format (ELF) executables. If an ELF application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack. This could cause memory corruption. Then, an otherwise unprivileged local user with access to a Set owner User ID (SUID) or otherwise privileged flawed PIE binary, could gain higher-level user privileges.

Source

Recent News

Tuesday, November 14th

Sunday, November 12th

Friday, November 10th

Wednesday, November 8th

Monday, November 6th