Date Posted: 06/06/2014 2:32 PM

Summary: Young security researcher Pinkie Pie has found a bug in the Linux kernel that security experts say is urgent to fix.

The security team behind the Debian distro are urging users to upgrade their Linux packages after patching a newly-found flaw in the Linux kernel.

Reported on Thursday by Debian and recorded as CVE-2014-3153, the new flaw is due to an issue in the kernel's "futex subsystem", which could allow an attacker with local access to gain access to perform unauthorised actions. The patch is the second major update for the Linux kernel in three weeks, following last month's fixes for Ubuntu, Red Hat, and Debian due to a bug in the n_tty_write function.

As per Debian's write up, "Pinkie Pie discovered an issue in the futex subsystem that allows a local user to gain ring 0 control via the futex syscall. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation".

Teenager Pinkie Pie has developed a reputation as a skilled hacker after scooping at least $100,000 for elegantly bypassing security features of Google's Chrome every year since 2012.

According to Kees Cook, a Google ChromeOS security engineer and Ubuntu contributor, the latest flaw found by Pinkie Pie is "urgent to fix".

"Specifically, the futex syscall can leave a queued kernel waiter hanging on the stack. By manipulating the stack with further syscalls, the waiter structure can be altered. When later woken up, the altered waiter can result in arbitrary code execution in ring 0," Cook wrote on

"This flaw is especially urgent to fix because futex tends to be available within most Linux sandboxes (because it is used as a glibc pthread primitive)."

Updates addressing the patches for OpenWall can be found here

As noted by Swiss security consultancy Scip, while the bug can be easily exploited, technical details of it remain unknown and there is currently no known exploit publicly available.

I feel more like I do now than I did a while ago...
D_Runner

Re: Patch ready for newly-discovered Linux kernel flaw

Date Posted: 06/10/2014 2:19 AM

Good thing this was found and addressed promptly -- this sort of thing is why no user of any OS should ever ignore updates. You might have to read over them to see what you're getting, but better safe than sorry. A direct escalation within ring 0 would require significant technical skill to pull off in my opinion, but I wouldn't leave a kernel unpatched to let someone sneak in and try it.


add: Was just looking over some code involved in this vulnerability and it looks to me like you'd have to make two different memory addresses logically equivalent in the futex call in a way that allows a memory pointer to be unallocated and hence available for use with injected code at one of the memory addresses... if this is so, it seems relatively simple to set up the vulnerability in a form in which it might be used for nefarious purposes, but getting a workable exploit out of it might be a good deal harder to accomplish. But there's a strong possibility someone somewhere would try it... good thing the kernel has been patched already.