Jump to content

Patch now: Linux file system security hole, dubbed Sequoia, can take over systems. This Linux kernel's filesystem security vulnerability can enable any user to grab root privileges.


Recommended Posts

securitybreach
Quote

 

Some days, it doesn't rain, it pours. That's the case with Linux today. Not one, but two serious security holes have recently been exposed. First, there was a systemd bug which could easily knock out systems. Now there's this security hole in the Linux kernel's file system, which any user could use to take over a computer. Like I said, some days it just pours.

 

The Qualys Research Team, which uncovered the file system bug, also discovered a size_t-to-int type conversion vulnerability in the Linux kernel's filesystem. This Linux security hole has been named Sequoia and it's been designated CVE-2021-33909.

 

Doesn't sound like much, does it? Au contraire! It can be used against most Linux distributions in their default configurations. And, worse still, any -- I repeat, any -- unprivileged user can abuse it to gain root privileges.

 

Here's how it works. We all use filesystems every day, but you probably don't think about how it works. Who, except for developers, does? In Linux's case, the file system interface is implemented in a three-layered architecture. There's the user interface layer; the file system implementation; and the storage device drivers.

 

Within the Linux kernel's seq_file interface produces virtual files containing sequences of records. Each record must fit into a seq_file buffer. When it runs out of space, it's just enlarged by doubling its size. That's not a problem. You'll run out of memory long before you can hack the system with this. The problem shows up because this size_t variable is also passed to functions whose size argument is a signed 32-bit integer, not a size_t. And that, my friend, while a very large number, can be overrun........

 

 

https://www.zdnet.com/article/patch-now-linux-file-system-security-hole-dubbed-sequoia-can-take-over-systems/

  • +1 1
Link to post
Share on other sites
securitybreach

And like the article plainly states:

 

This fix is also available in most Linux distributions now. So, if you've been sitting on your hands and not updating your Linux computers, it's time to get off them and start typing in patching commands.

 

Link to post
Share on other sites
sunrat
13 minutes ago, securitybreach said:

It's not click bait at all. The article was written by Steven J. Vaughan-Nichols  on the 21st.

 

Obviously it's not a trivial problem but so often vulnerabilities get overstated. I was just stirring a little to call it clickbait.

  • Like 1
Link to post
Share on other sites
V.T. Eric Layton

Patched in Slackware on 21 July:

 

Quote

patches/packages/linux-4.4.276/*: Upgraded. These updates fix various bugs and security issues, including the recently announced local privilege escalation vulnerability in the filesystem layer (CVE-2021-33909).

 

Link to post
Share on other sites
V.T. Eric Layton

Deleted my other post from just a few minutes ago, as it was a duplicate of this. :)

  • +1 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...