Vulnerability Discovered In Linux Kernels

Due to a problematic security gap, it is basically necessary to update a large number of systems in which a more up-to-date Linux kernel is used. The bug called StackRot allows attackers to escalate their user rights.

The vulnerability reported under the identifier CVE-2023-3269 affects Linux versions 6.1 to 6.4. This was announced by the kernel development team. So far, at least, there is no evidence that the vulnerability has already been exploited in the wild. However, this can change at any time.

“Because StackRot is a Linux kernel vulnerability found in the memory management subsystem, it affects almost all kernel configurations and it requires minimal skills to exploit,” said Ruihan Li, a security researcher at the university of Beijing. In practice, however, various protective mechanisms still ensure that an exploit is not necessarily immediately successful.

Update is required

The vulnerability lies essentially in a data structure called Maple Tree, which was introduced in the Linux kernel 6.1 as a replacement for Red Black Tree (rbtree) to manage virtual memory areas (VMAs). This is a contiguous range of virtual addresses, which can be the contents of a file on disk or the memory used by a program while it is running.

A proof of concept (PoC) exploit and more technical details about the bug are expected to be released by the end of the month. Until then you should use the provided patches that have been installed better. So anyone who uses Linux systems or firmware based on the Linux kernel should pay particular attention to the corresponding manufacturer reports.

2 thoughts on “Vulnerability Discovered In Linux Kernels

Leave a Reply