CVE-2017-16996 log
Source |
|
Severity | High |
Remote | No |
Type | Privilege escalation |
Description | An arbitrary memory r/w access issue was found in the Linux kernel before 4.14.9 compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation errors in the eBPF verifier module, triggered by user supplied malicious BPF program. An unprivileged user could use this flaw to escalate their privileges on a system. Setting parameter "kernel.unprivileged_bpf_disabled=1" prevents such privilege escalation by restricting access to bpf(2) call. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-574 | linux-hardened | 4.14.7.a-1 | 4.14.11.a-1 | High | Fixed | FS#56832 |
AVG-571 | linux-zen | 4.14.7-1 | 4.14.11-1 | High | Fixed | FS#56832 |
AVG-560 | linux-lts | 4.9.73-1 | 4.9.74-1 | High | Not affected | FS#56832 |
AVG-552 | linux | 4.14.7-1 | 4.14.11-1 | High | Fixed | FS#56832 |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
05 Jan 2018 | ASA-201801-4 | AVG-574 | linux-hardened | High | multiple issues |
05 Jan 2018 | ASA-201801-3 | AVG-571 | linux-zen | High | multiple issues |
05 Jan 2018 | ASA-201801-1 | AVG-552 | linux | High | multiple issues |
References |
---|
https://bugs.chromium.org/p/project-zero/issues/detail?id=1454 http://www.openwall.com/lists/oss-security/2017/12/21/2 https://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958 |
Notes |
---|
Workaround by disabling unprivileged bpf: sysctl -w kernel.unprivileged_bpf_disabled=1 |