Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

StackRot, a new Linux Kernel privilege escalation vulnerability

StackRot is s new security vulnerability in the Linux kernel that could be exploited to gain elevated privileges on a target system. A security vulnerability, dubbed StackRot was found impacting Linux versions 6.1 through 6.4. The issue, tracked as CVE-2023-3269, (CVSS score: 7.8), is a privilege escalation issue that resides in the memory management subsystem. An unprivileged […]

Linux Dirty Frag DirtyDecrypt PinTheft

StackRot is s new security vulnerability in the Linux kernel that could be exploited to gain elevated privileges on a target system.

A security vulnerability, dubbed StackRot was found impacting Linux versions 6.1 through 6.4. The issue, tracked as CVE-2023-3269, (CVSS score: 7.8), is a privilege escalation issue that resides in the memory management subsystem. An unprivileged local user can trigger the flaw to compromise the kernel and escalate privileges.

The vulnerability was discovered in the handling of stack expansion in the Linux kernel 6.1
through 6.4.

“As StackRot is a Linux kernel vulnerability found in the memory management subsystem, it affects almost all kernel configurations and requires minimal capabilities to trigger. However, it should be noted that maple nodes are freed using RCU callbacks, delaying the actual memory deallocation until after the RCU grace period. Consequently, exploiting this vulnerability is considered challenging.” reads the advisory published by security researcher Ruihan Li from Peking University.

The researcher pointed out that this is the first exploit targeting use-after-free-by-RCU (UAFBR) bugs.

“This marks the first instance where UAFBR bugs have been proven to be exploitable, even without the presence of CONFIG_PREEMPT or CONFIG_SLAB_MERGE_DEFAULT settings.” continues the advisory. “Notably, this exploit has been successfully demonstrated in the environment provided by [Google kCTF VRP][ctf] ([bzImage_upstream_6.1.25][img], [config][cfg]).”

The vulnerability was disclosed on June 15, 2023, and it has been addressed on July 1, 2023.

The flaw was introduced with the Linux kernel version 6.1 due to the migration to maple trees. [Maple
trees][mt] are RCU-safe B-tree data structures optimized for storing non-overlapping ranges. Li pointed out that the intricate nature of maple trees adds complexity to the codebase and introduces the StackRot vulnerability.

The good news is that at this time, there is no evidence that the vulnerability has been exploited in attacks in the wild.

Additional technical details about the issue will be publicly released by the end of the month, along with a proof-of-concept (PoC) exploit.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Linux)