1. IT-Security >
  2. Hacking >
  3. CVE-2018-17182: Linux Kernel Vulnerability and PoC Exploit


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

CVE-2018-17182: Linux Kernel Vulnerability and PoC Exploit

RSS Kategorie Pfeil Hacking vom | Quelle: githacktools.blogspot.com Direktlink öffnen

A cybersecurity researcher with Google Project Zero has released the details, and a Proof-Of-Concept (PoC) exploit for a high severity vulnerability that exists in Linux kernel since Kernel version 3.16 through 4.18.8.

Discovered by Whitehat hacker Jann Horn, the Kernel vulnerability (CVE-2018-17182) is a cache invalidation bug in the Linux memory management subsystem that leads to use-after-free vulnerability, which if exploited, could allow an attacker to gain root privileges on the targeted system.

The Use-After-Free (UAF) vulnerabilities are a class of memory corruption bug that can be exploited by unprivileged users to corrupt or alter data in memory, enabling them to cause a denial of service (system crash) or escalate privileges to gain administrative access on a system.

Linux Kernel Exploit Takes an Hour to Gain Root Access
   However, Horn says his PoC Linux kernel exploit made available to the public "takes about an hour to run before popping a root shell."

   Horn responsibly reported the vulnerability to Linux kernel maintainers on September 12, and the Linux team fixed the issue in his upstream kernel tree within just two days, which Horn said was "exceptionally fast, compared to the fix times of other software vendors."

   The Linux kernel vulnerability was disclosed on the oss-security mailing list on September 18 and was patched in the upstream-supported stable kernel versions 4.18.9, 4.14.71, 4.9.128, and 4.4.157 on the next day.

   There's also a fix in release 3.16.58 for CVE-2018-17182 PoC.

Debian and Ubuntu Linux Left its Users Vulnerable for Over a Week
   "However, a fix being in the upstream kernel does not automatically mean that users' systems are actually patched," Horn noted.

   The researcher was disappointed knowing that some major Linux distributions, including Debian and Ubuntu, left their users exposed to potential attacks by not releasing kernel updates more than a week after the vulnerability was made public.

   As of Wednesday, both Debian stable and Ubuntu releases 16.04 and 18.04 had not patched the vulnerability.

   However, the Fedora project already rolled out a security patch for CVE-2018-17182 PoC to its users on 22 September.
"Debian stable ships a kernel based on 4.9, but as of 2018-09-26, this kernel was last updated 2018-08-21. Similarly, Ubuntu 16.04 ships a kernel that was last updated 2018-08-27," Horn noted.
"Android only ships security updates once a month. Therefore, when a security-critical fix is available in an upstream stable kernel, it can still take weeks before the fix is actually available to users—especially if the security impact is not announced publicly."

   In response to the Horn's blog post, the maintainers of Ubuntu says the company would possibly release the patches for the Linux kernel flaw around October 1, 2018.

   Horn said that once the patch is deployed in the upstream kernel, the vulnerability and patch becomes public, which, in this case, could allow malicious actors to develop a Linux kernel exploit to target users.

Have something to say about this post? Comment below or share it with The Hackers News on Facebook, Twitter or our LinkedIn Group.

And have something to say about GitHackTools or CVE-2018-17182 PoC? Comment below or share this post from GitHackTools FacebookGitHackTools Twitter and GitHackTools Google Plus.

Infomation About CVE-2018-17182 PoC
   EDB-ID: 45497
   CVE: CVE-2018-17182
   E-DB Verified: Yes
   Author: Google Security Research
   Type: Local
   Advisory/Source: bugs.chromium.org
   Published: 2018-09-26
   Platform: Linux
   
   Description about CVE-2018-17182
      An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.


...

Webseite öffnen Komplette Webseite öffnen

Newsbewertung

Kommentiere zu CVE-2018-17182: Linux Kernel Vulnerability and PoC Exploit






Ähnliche Beiträge

  • 1. USN-3415-2: tcpdump vulnerabilities vom 622.73 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3415-2 13th September, 2017 tcpdump vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in tcpdump Software description tcpdump
  • 2. USN-3415-1: tcpdump vulnerabilities vom 622.43 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3415-1 13th September, 2017 tcpdump vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed
  • 3. USN-3361-1: Linux kernel (HWE) vulnerabilities vom 532.58 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3361-1 21st July, 2017 linux-hwe vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software descriptio
  • 4. USN-3619-1: Linux kernel vulnerabilities vom 486.7 Punkte ic_school_black_18dp
    linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description li
  • 5. CVE-2018-17182: Linux Kernel Vulnerability and PoC Exploit vom 440.66 Punkte ic_school_black_18dp
    A cybersecurity researcher with Google Project Zero has released the details, and a Proof-Of-Concept (PoC) exploit for a high severity vulnerability that exists in Linux kernel since Kernel version 3.16 through 4.18.8.Discovered by Whitehat hacker Jann Hor
  • 6. The November 2018 Security Update Review vom 397.18 Punkte ic_school_black_18dp
    November is here and with it comes the latest in security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for November 2018
  • 7. USN-3583-1: Linux kernel vulnerabilities vom 382.15 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3583-1 23rd February, 2018 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software descriptio
  • 8. USN-3544-1: Firefox vulnerabilities vom 363.07 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3544-1 24th January, 2018 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Firefox could be made to crash or
  • 9. USN-3131-1: ImageMagick vulnerabilities vom 357.48 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3131-1 21st November, 2016 imagemagick vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several secu
  • 10. The October 2018 Security Update Review vom 331.18 Punkte ic_school_black_18dp
    October is upon us and with it comes the latest in security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for October 2018 A
  • 11. USN-3583-2: Linux kernel (Trusty HWE) vulnerabilities vom 329.65 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3583-2 23rd February, 2018 linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the Linux kernel. Software descriptio
  • 12. The June 2019 Security Update Review vom 328.62 Punkte ic_school_black_18dp
    June has arrived and so have the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for June 2019 This month, Ad