Beat the Linux kernel vulnerability through Accelerite Sentient

 In Accelerite Blog

Vulnerability CVE-2017-1000253 in the Linux kernel has put users of certain Debian, Red Hat and CentOS distributions at risk, as per a recent public disclosure announcement. This is one of those devils that returns from the dead. It was originally discovered and patched in April, 2015.

So how did this issue come back? Well, it hasn’t really; it was always there. Some Linux distributions, especially those used for servers are LTS i.e. long term support enabled. These earlier LTS kernel versions have remained carriers of the bug, since the patch was not back-ported to them.

What exactly is the threat?

If an ELF (Executable and linkable format) binary, is built as a position independent executable (PIE), it is possible that its data segment writes to the stack area of the Linux kernel. Having gained an entry into the stack through this corruption, there are ways to surpass the authentication mechanisms put in place and gain administrator permissions. This higher privilege can be utilized to seize complete control of the system or server, and can also have further security implications.

How can Sentient help you?

The primary action required in this case is to check for the presence of a vulnerable Linux kernel version, and if found, to apply the right patch to safeguard your system. Patches have been made available by the respective Linux distros. Accelerite Sentient, through its script execution capability can easily detect these vulnerable versions, and take remediation measures of applying patches all across your system, within a matter of minutes.

Know more about Accelerite Sentient here

Sentient is available for free trial at https://accelerite.com/products/sentient/.

If you have any more questions, please write to us at support@accelerite.com.

Recommended Posts

Leave a Comment

Start typing and press Enter to search