Linux use-after-free vulnerability found in Linux 2.6 through 4.20.11


Last week, a Huawei engineer reported a vulnerability present in Linux kernels from the early 2.6 series through version 4.20.11. The Kernel Address Sanitizer (KASAN), which detects dynamic memory errors in Linux kernel code, was used to uncover the use-after-free bug, which has been present since those early versions.

The use-after-free issue was found in the networking subsystem's sockfs code and could lead to arbitrary code execution.

KASAN (along with the other sanitizers) has already proven quite valuable in spotting coding mistakes, hopefully before they are exploited in the real world. The Kernel Address Sanitizer earned another feather in its cap by being responsible for the CVE-2019-8912 discovery.

The CVSS v3.0 severity metrics give this vulnerability a score of 9.8 (CRITICAL).

A fix for this vulnerability has already been released, will reach all Linux distributions in a couple of days, and will probably be backported to all supported Linux kernel versions.
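To make the bug class concrete, here is an added, simplified user-space model of the sockfs pattern and its fix; it is not the kernel's code or the page's, and the struct and function names are stand-ins. It follows the shape of the upstream fix, which cleared the socket's sk pointer after the protocol release and checked it before the attribute update, so a later use hits a NULL check instead of freed memory.

```c
#include <stdlib.h>
#include <errno.h>

/* Simplified user-space stand-ins for the kernel's struct sock / struct socket (hypothetical, not kernel code). */
struct sock   { int sk_uid; };
struct socket { struct sock *sk; };

struct socket *socket_alloc(int uid) {
    struct socket *sock = malloc(sizeof *sock);
    sock->sk = malloc(sizeof *sock->sk);
    sock->sk->sk_uid = uid;
    return sock;
}

/* Before the fix: releasing the socket frees the sock but leaves sock->sk dangling. */
void sock_release_vulnerable(struct socket *sock) { free(sock->sk); }

/* After the fix: clear the pointer so later callers can tell the sock is gone. */
void sock_release_fixed(struct socket *sock) { free(sock->sk); sock->sk = NULL; }

/* Before the fix: a later attribute change (e.g. chown on the socket inode) writes through
 * sock->sk unconditionally; on a released socket that write is the use-after-free. */
void sockfs_setattr_vulnerable(struct socket *sock, int new_uid) { sock->sk->sk_uid = new_uid; }

/* After the fix: refuse the update when the sock has already been released. */
int sockfs_setattr_fixed(struct socket *sock, int new_uid) {
    if (!sock->sk)
        return -ENOENT;
    sock->sk->sk_uid = new_uid;
    return 0;
}

/* 1 if sock->sk is still non-NULL after release: compares the pointer, never reads freed memory. */
int dangling_after_release(int use_fixed_release) {
    struct socket *sock = socket_alloc(1000);
    if (use_fixed_release) sock_release_fixed(sock); else sock_release_vulnerable(sock);
    int dangling = sock->sk != NULL;
    free(sock);
    return dangling;
}

/* Hardened setattr on a released socket returns -ENOENT instead of writing into freed memory. */
int setattr_after_fixed_release(void) {
    struct socket *sock = socket_alloc(1000);
    sock_release_fixed(sock);
    int rc = sockfs_setattr_fixed(sock, 0);
    free(sock);
    return rc;
}
```

Building the vulnerable release/setattr pair with KASAN (in-kernel) or AddressSanitizer (user space) is what turns the dangling write into the kind of report that uncovered this bug.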

According to a user on Hacker News, “there may not actually be a proof-of-concept exploit yet, beyond a reproducer causing a KASAN splat. When people request a CVE for a use-after-free bug they usually just assume that code execution may be possible.”

To learn more about this vulnerability, visit the NVD website.


Savia Lobo
A Data science fanatic. Loves to be updated with the tech happenings around the globe. Loves singing and composing songs. Believes in putting the art in smart.
