Security Company Perception Point has discovered a vulnerability in the Linux kernel that affects many Linux-based devices with software from 2012 or later. For vulnerability is part of the code that was first introduced in version 3.8 of the kernel.
Among the units affected, the vast majority of Linux-based PCs and servers, but also hundreds of millions of Android devices.
Root-access
The vulnerability allows for a user gets increased privileges, ie root access. But such vulnerability could potentially be exploited by malware once it gets access to the system. In Android includes this probably apps.
Users and administrators of PCs and servers will shortly be able to download a security update to the Linux kernel which this vulnerability is removed.
Worse it with Android users, of which few people receiving regular security updates.
Millions of users
Perception Point writes that as many as 2/3 of Android users might be affected as vulnerability touch Android 4.4 KitKat and later.
The vulnerability is caused by a reference leak in what is called “keyrings” functionality. Keyrings is primarily a means that can be used by drivers to store or cache safety data in the core, such as authentication and encryption keys.
In the blog post to Perception Point it carefully described how this can be exploited to obtain root access.
Not easy
It must be emphasized that security technologies like ASLR (Address Space Layout Randomization), SMEP (Supervisor Mode Execution Protection), SMAP (Supervisor Mode Access Protection) and SELinux will make it far more difficult, but not impossible, to exploit the vulnerability.
SELinux was adopted in Android in version 4.3 to introduce a mandatory access control for all processes, including processes with root or superuser privileges.
No comments:
Post a Comment