Your new post is loading...
Sometimes old fixed bugs come back to bite us. That's the case with CVE-2017-1000253, a Local Privilege Escalation Linux kernel bug.
This is a problem with how the Linux kernel loaded Executable and Linkable Format (ELF) executables. If an ELF application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack. This could cause memory corruption. Then, an otherwise unprivileged local user with access to a Set owner User ID (SUID) or otherwise privileged flawed PIE binary, could gain higher-level user privileges.
Qualys, a security company, worked out a way to exploit this hole. By smashing the PIE's .dynamic section with a stack-based string operation, they found they could force the ld.so dynamic linker to load and execute their own shared library.
This security hole may sound complicated, but it's relatively easy to exploit. Since it could give an ordinary user super-user privileges it's potentially very dangerous.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux