[manjaro-security] [MSA-201601-1] linux: gain root access with keyring exploit
Philip Müller
philm at manjaro.org
Tue Jan 19 19:40:00 CET 2016
Manjaro Linux Security Advisory MSA-201601-1
==============================================
Severity: High
Date : 2016-01-19
CVE-ID : CVE-2016-0728
Package : linux3xx and linux4x
Type : gain root access
Remote : No
Summary
=======
The package ntp before version 4.2.8.p5-1 is vulnerable to time alteration.
Resolution
==========
Apply the attached patch to your kernel.
Workaround
==========
none
Description
===========
The vulnerability, CVE-2016-0728, lives in the keyring facility built
into the various flavors of Linux. The keyring encrypts and stores login
information, encryption keys and certificates, and makes them available
to applications. In a report published by Perception Point, researchers
said the vulnerability is a reference leak that can be abused to
ultimately execute code in the Linux kernel.
Running the full exploit[1] takes about 30 minutes on an Intel
Core i7-5500 CPU.
Impact
======
The vulnerability affects kernel versions 3.8 and higher.
Patch
=====
sha256sum:
b6ce060a6997861e14d1061d72b96c35476e8967dd26c8020fcff4a5f0fe453d  KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch
References
==========
[1] https://gist.github.com/PerceptionPointTeam/18b1e86d1c0f8531ff8f
[2] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-0728
[3] http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
[4] https://threatpost.com/serious-linux-kernel-vulnerability-patched/115923/
[5] http://www.phoronix.com/scan.php?page=news_item&px=Linux-Kernel-2016-0-Day
-------------- next part --------------
A non-text attachment was scrubbed...
Name: KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch
Type: text/x-patch
Size: 1947 bytes
Desc: not available
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20160119/de34e960/attachment.bin>
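
The Patch section publishes a SHA-256 for the attached file. The script below is an added example, not part of the advisory: it checks that hash and dry-runs the patch before modifying a kernel source tree. The source directory argument and the -p1 strip level are assumptions.

```shell
#!/bin/sh
# Added example, not part of the advisory.
# The expected hash is copied from the advisory's Patch section.
EXPECTED_SHA256="b6ce060a6997861e14d1061d72b96c35476e8967dd26c8020fcff4a5f0fe453d"

# verify_sha256 FILE EXPECTED
# Returns 0 on match, 1 on mismatch, 2 if FILE is missing or unreadable.
verify_sha256() {
    [ -f "$1" ] && [ -r "$1" ] || return 2
    # Read via stdin so odd file names cannot alter sha256sum's output format.
    actual=$(sha256sum < "$1" | cut -d' ' -f1)
    [ "$actual" = "$2" ]
}

# apply_verified_patch PATCH SRCDIR
# SRCDIR (an unpacked kernel source tree) and strip level -p1 are assumptions.
apply_verified_patch() {
    if ! verify_sha256 "$1" "$EXPECTED_SHA256"; then
        echo "refusing to apply: checksum mismatch or unreadable file: $1" >&2
        return 1
    fi
    # Resolve to an absolute path because the patch is applied from inside SRCDIR.
    patch_abs=$(cd "$(dirname -- "$1")" && pwd)/$(basename -- "$1") || return 1
    # Dry run first: a patch that does not apply cleanly must not leave
    # a half-patched tree behind.
    (cd "$2" && patch -p1 --dry-run < "$patch_abs") || return 1
    (cd "$2" && patch -p1 < "$patch_abs")
}

# Usage: sh verify-patch.sh /path/to/downloaded.patch /path/to/kernel-source
if [ "$#" -eq 2 ]; then
    apply_verified_patch "$1" "$2"
fi
```
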