Linux Kernel Vulnerability

Imechapishwa: Jul 18, 2018 09:37

Advisory No: TZCERT/SA/2018/07/03

Source: Linux Kernel Organization, Cisco, Bugzilla et.c

Software Affected:

Overview

A vulnerability has been reported in Linux kernel which could allow a local attacker to read out kernel memory leading to information disclosure of sensitive information.

Description

Advisory No: TZCERT/SA/2018/07/03 Date of First Release: 3rd July 2018 . Source: Linux Kernel Organization, Cisco, Bugzilla et.c Product Affected: Linux kernel prior to 4.16.6 Overview: A vulnerability has been reported in Linux kernel which could allow a local attacker to read out kernel memory leading to information disclosure of sensitive information. Description: This vulnerability exists in the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c of the Linux Kernel due to its failure to handle incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl. A local attacker could exploit this vulnerability by executing a malicious input to the target system. Impact: Successful exploitation of this vulnerability could allow the attacker to read kernel memory leading to disclosure of sensitive information. Solution: Users and administrators are urged to apply appropriate updates and patches as mentioned in the following links:  Kernel 4.16.6 or later and cdrom: information leak in cdrom_ioctl_media_changed() Furthermore, system administrators are recommended to monitor their critical systems running on linux operating systems (OS) and ensure that only trusted and privileged users have access. References:

  1. https://tools.cisco.com/security/center/viewAlert.x?alertId=58170&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20cdrom_ioctl_media_changed%20Function%20Kernel%20Memory%20Read%20Vulnerability&vs_k=1
  2. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9de4ee40547fd315d4a0ed1dd15a2fa3559ad707
  3. https://bugzilla.redhat.com/show_bug.cgi?id=1577408

Impact

Successful exploitation of this vulnerability could allow the attacker to read kernel memory leading to disclosure of sensitive information.

Solution

Users and administrators are urged to apply appropriate updates and patches as mentioned in the following links:  Kernel 4.16.6 or later and cdrom: information leak in cdrom_ioctl_media_changed() Furthermore, system administrators are recommended to monitor their critical systems running on linux operating systems (OS) and ensure that only trusted and privileged users have access.

References

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Ripoti Tukio