Linux security systems have a pretty damaging security flaw


Red Hat has released a patch for a recently discovered vulnerability that allowed local elevation of privilege, potentially putting all types of Linux systems at risk.

As explained in the advisory, the vulnerability, tracked as CVE-2022-27666, was found in the IPsec Encapsulating Security Payload (esp6) encryption module and is described as a stack overflow vulnerability.

The flaw was discovered by Xiaochen Zou, a graduate student at the University of California, Riverside. He explained that "the basic logic of this vulnerability is that the receive buffer of a user message in the esp6 module is an 8-page buffer, but the sender can send a message of more than 8 pages, which clearly creates a buffer overflow."

Crashing the system

In the Red Hat advisory, the flaw was described as allowing a malicious actor with normal user privileges to overwrite kernel heap objects, which can lead to local elevation of privilege.

The vulnerability received a severity score of 7.8.

Red Hat also warned administrators that on Linux systems that already use IPsec and have IPsec security associations (SAs) configured, a malicious actor would not need any additional privileges to exploit the vulnerability.
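The two exposure conditions the advisory names (the esp6 module is in use, and IPsec SAs are configured) can be checked from a shell. The script below is an added example and is not part of the article or of Red Hat's advisory; it reads the kernel module list from /proc/modules and counts IPv6 SAs in the output of `ip -6 xfrm state` (iproute2). The function names `esp6_loaded`, `count_sas` and `assess` are the author's own, and the sample module and SA lines used to exercise them are constructed, not captured from a real host.

```shell
#!/bin/sh
# Added exposure check for CVE-2022-27666 (example code, not from the article).
# A host that loads esp6 AND has IPsec SAs configured matches the advisory's
# "no additional privileges needed" condition and should be patched first.

# esp6_loaded [FILE]: return 0 if the module list (default /proc/modules)
# has a line whose first field is "esp6", 1 if not, 2 if the file is unreadable.
esp6_loaded() {
    modules="${1:-/proc/modules}"
    [ -r "$modules" ] || return 2
    awk '$1 == "esp6" { found = 1 } END { exit found ? 0 : 1 }' "$modules"
}

# count_sas: count security associations in `ip xfrm state` output read from
# stdin. Each SA entry starts with a line beginning "src ", so counting those
# lines gives the number of SAs. Always prints a number, even on empty input.
count_sas() {
    grep -c '^src ' || true
}

# assess: combine both checks against the live system and print a verdict.
assess() {
    if esp6_loaded; then
        mod="loaded"
    else
        mod="not loaded"
    fi
    # `ip` may be absent or unprivileged; treat any failure as zero SAs found.
    sas=$(ip -6 xfrm state 2>/dev/null | count_sas)
    echo "esp6 module: $mod"
    echo "IPv6 IPsec SAs configured: $sas"
    if [ "$mod" = "loaded" ] && [ "$sas" -gt 0 ]; then
        echo "Exposure: HIGH - esp6 in use with SAs present; apply the kernel update now."
    elif [ "$mod" = "loaded" ]; then
        echo "Exposure: MEDIUM - esp6 loaded but no SAs seen; still patch promptly."
    else
        echo "Exposure: LOWER - esp6 not loaded; patch with the normal kernel update cycle."
    fi
}

# Usage: sh check_esp6.sh --run   (the guard keeps sourcing side-effect free)
if [ "${1:-}" = "--run" ]; then
    assess
fi
```

The verdict is a prioritisation aid, not a proof of safety: a module that is not loaded now can still be auto-loaded when IPsec is configured later, so the kernel update is the fix in every case.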

However, as ZDNet notes, these SAs are a core part of the network security protocol, which means that "almost anyone with vulnerable code" in their Linux distribution is a potential target.

According to Xiaochen, the latest Ubuntu, Fedora and Debian Linux distributions are all vulnerable, as is Red Hat Enterprise Linux (RHEL) 8. The flaw is also reported to be capable of taking a Linux system offline.

The same patch also fixes CVE-2022-1055, a use-after-free vulnerability found in the network traffic control implementation, which can likewise crash a vulnerable system. It can also be used to gain elevated privileges and has been described as "high priority" for patching.

Since both vulnerabilities allow elevation of privilege and could be used for denial of service attacks, administrators are advised to patch their endpoints as soon as possible.

Via: ZDNet