Latest in Culture

Image credit:

Linux exploit gives any user full access in five seconds

The bug was first spotted by Linus Torvalds 11 years ago, but never patched.
Share
Tweet
Share

Sponsored Links

maciek905 via Getty Images

If you need another reason to be paranoid about network security, a serious exploit that attacks a nine-year-old Linux kernel flaw is now in the wild. The researcher who found it, Phil Oester, told V3 that the attack is "trivial to execute, never fails and has probably been around for years." Because of its complexity, he was only able to detect it because he had been "capturing all inbound HTTP traffic and was able to extract the exploit and test it out in a sandbox," Oester said.

The kernel flaw (CVE-2016-5195) is an 11-year-old bug that Linus Tovalds himself tried to patch once. His work, unfortunately, was undone by another fix several years later, so Oester figures it's been around since 2007. The problem is that the Linux kernel's memory system can break during certain memory operations, according to Red Hat. "An unprivileged local user could use this flaw to gain write access ... and thus increase their privileges on the system."

In other words, it can be used to get root server access, which is a terrible thing for the internet. Though it's primarily an attack for users that already have an account on a server, it could potentially be exploited on a Linux machine that lets you execute a file -- something that's common for online servers.

Torvalds points out that the race condition flaw used to be "purely theoretical," but is now easier to trigger thanks to improved VM tech. Keepers of the Linux kernel have patched the bug (dubbed "Dirty COW," for copy-on-write) and distributors like Red Hat, which classified the bug as "important," are working on updates. "All Linux users need to take this bug very seriously, and patch their systems ASAP," says Oester. He adds that the packet captures that helped him spot the exploit "have proved invaluable numerous times. I would recommend this extra security measure to all admins."

(Thanks, Kristy.)

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Roku is giving away 30 days of premium video

Roku is giving away 30 days of premium video

View
NASA warns Moon base plans might slip by a year

NASA warns Moon base plans might slip by a year

View
Lab-in-a-box test can detect COVID-19 in 5 minutes

Lab-in-a-box test can detect COVID-19 in 5 minutes

View
Dropbox beta for Mac can finally sync your desktop

Dropbox beta for Mac can finally sync your desktop

View
Comcast, Verizon make some on-demand viewing free

Comcast, Verizon make some on-demand viewing free

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr