Thursday 21 January 2016

Zero-Day Linux Kernel Vulnerability Gives Attacker Root Access

Zero-Day Linux Kernel Vulnerability Gives Attacker Root Access

The OS having Linux Kernel 3.8 and the versions which released after of it are most affected. Perception Point is a name of a group who identified the Zero-Day Linux Kernel Vulnerability that allows Android or Linux applications to escalate privileges and gain root access.

Linux kernel vulnerabilities are not extreme and new, and they are found and patched all the time. Everything gets easily fixed as soon as it is found, and doesn’t take so much time this is the only reason behind it that the Linux-based operating systems are usually more secure than the operating system. For the Linux kernel, vulnerabilities are not all that frequent.

Yevgeny Pats, co-founder, and CEO at security vendor Perception Point said that

“This affects all Android phones KitKat and higher,”

By exploiting this vulnerability, attackers can delete files, view private information, and install unwanted programs and it has existed in the Linux Kernel since 2012. 

Yevgeny Pats said that Linux team identified this vulnerability, and patches should be made as soon as possible. Perception Point has also provided proof of concept code that exploits this vulnerability to gain root access. And he also said that no more exploits have been observed that can take advantage of this vulnerability.

The company said that 

“We recommend that security teams examine potentially affected devices and implement patches as soon as possible,”
The vulnerability is related to the keyrings facility, which is a way for drivers to save security data, authentication keys, and encryption keys in the kernel.

The new keyrings vulnerability is currently known only by its identification number, CVE-2016-0728. CVE-2016-0728 is described as a local privilege escalation vulnerability, which means that once after its exploitation, the attacker can easily get root access to the OS. 

The problem is that this vulnerability already affects millions of users using Linux and Android that are prone to vulnerability. According to the survey, 66% of users are using this vulnerable OS with less chance of receiving security patches. Those five of the critical vulnerabilities that patched were the bugs in the kernel drivers.

There is no problem on the PC side of things because the Linux security teams are already in the middle of deploying patches to fix this vulnerability. There is no evidence of this exploit being used in the wild. So, again please keep your software up to date.

If you want to know more about this vulnerability, then you can find it on Perception Point Research website.

Watch Video:


Post a Comment

Note: only a member of this blog may post a comment.

Toggle Footer