Jump to content

Patch now: Linux file system security hole, dubbed Sequoia, can take over systems. This Linux kernel's filesystem security vulnerability can enable any user to grab root privileges.

securitybreach

By securitybreach
in Bruno's All Things Linux

 Share

Recommended Posts

securitybreach

securitybreach

Posted
Posted
Quote

 

Some days, it doesn't rain, it pours. That's the case with Linux today. Not one, but two serious security holes have recently been exposed. First, there was a systemd bug which could easily knock out systems. Now there's this security hole in the Linux kernel's file system, which any user could use to take over a computer. Like I said, some days it just pours.

 

The Qualys Research Team, which uncovered the file system bug, also discovered a size_t-to-int type conversion vulnerability in the Linux kernel's filesystem. This Linux security hole has been named Sequoia and it's been designated CVE-2021-33909.

 

Doesn't sound like much, does it? Au contraire! It can be used against most Linux distributions in their default configurations. And, worse still, any -- I repeat, any -- unprivileged user can abuse it to gain root privileges.

 

Here's how it works. We all use filesystems every day, but you probably don't think about how it works. Who, except for developers, does? In Linux's case, the file system interface is implemented in a three-layered architecture. There's the user interface layer; the file system implementation; and the storage device drivers.

 

Within the Linux kernel's seq_file interface produces virtual files containing sequences of records. Each record must fit into a seq_file buffer. When it runs out of space, it's just enlarged by doubling its size. That's not a problem. You'll run out of memory long before you can hack the system with this. The problem shows up because this size_t variable is also passed to functions whose size argument is a signed 32-bit integer, not a size_t. And that, my friend, while a very large number, can be overrun........

 

 

https://www.zdnet.com/article/patch-now-linux-file-system-security-hole-dubbed-sequoia-can-take-over-systems/

  • +1 1
Link to comment
Share on other sites
securitybreach

securitybreach

Posted
  • Author
Posted

And like the article plainly states:

 

This fix is also available in most Linux distributions now. So, if you've been sitting on your hands and not updating your Linux computers, it's time to get off them and start typing in patching commands.

 

Link to comment
Share on other sites
sunrat

sunrat

Posted
Posted
13 minutes ago, securitybreach said:

It's not click bait at all. The article was written by Steven J. Vaughan-Nichols  on the 21st.

 

Obviously it's not a trivial problem but so often vulnerabilities get overstated. I was just stirring a little to call it clickbait.

  • Like 1
Link to comment
Share on other sites
V.T. Eric Layton

V.T. Eric Layton

Posted
Posted

Patched in Slackware on 21 July:

 

Quote

patches/packages/linux-4.4.276/*: Upgraded. These updates fix various bugs and security issues, including the recently announced local privilege escalation vulnerability in the filesystem layer (CVE-2021-33909).

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...