Vulnerability Discovered In Linux Kernels
Due to a problematic security gap, it is basically necessary to update a large number of systems in which a more up-to-date Linux kernel is used. The bug called StackRot allows attackers to escalate their user rights.
The vulnerability reported under the identifier CVE-2023-3269 affects Linux versions 6.1 to 6.4. This was announced by the kernel development team. So far, at least, there is no evidence that the vulnerability has already been exploited in the wild. However, this can change at any time.
“Because StackRot is a Linux kernel vulnerability found in the memory management subsystem, it affects almost all kernel configurations and it requires minimal skills to exploit,” said Ruihan Li, a security researcher at the university of Beijing. In practice, however, various protective mechanisms still ensure that an exploit is not necessarily immediately successful.
Update is required
The vulnerability lies essentially in a data structure called Maple Tree, which was introduced in the Linux kernel 6.1 as a replacement for Red Black Tree (rbtree) to manage virtual memory areas (VMAs). This is a contiguous range of virtual addresses, which can be the contents of a file on disk or the memory used by a program while it is running.
A proof of concept (PoC) exploit and more technical details about the bug are expected to be released by the end of the month. Until then you should use the provided patches that have been installed better. So anyone who uses Linux systems or firmware based on the Linux kernel should pay particular attention to the corresponding manufacturer reports.
Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.
