This is why attackers could get their hands on your Linux kernel

Last Updated on 05/03/2022 by Nidhi Khandelwal

Details concerning a now-patched high-severity vulnerability in the Linux kernel that could be exploited to escape a container and execute arbitrary instructions on the container host have surfaced.

The flaw resides in a Linux kernel feature known as control groups, specifically cgroups version 1 (v1), which allows processes to be arranged into hierarchical groups so that resource utilization such as CPU, memory, disk I/O, and network can be regulated and monitored.

The vulnerability is tracked as CVE-2022-0492 (CVSS score: 7.0), and it is a case of privilege escalation in the cgroups v1 release agent (release_agent) feature, which is a script that is executed after any process in the cgroup is terminated.

In a paper released this week, Unit 42 researcher Yuval Avrahami said, “The issue stands out as one of the simplest Linux privilege escalations reported in recent times: the Linux kernel accidentally exposed a privileged function to unprivileged users.”

The value in the notify_on_release file in the relevant cgroup directory determines whether or not the release agent programme is called when that cgroup becomes empty. If this file contains the value 0, the release agent programme is not run. If it contains the value 1, the release agent programme is run. In the root cgroup, the default value for this file is 0.

To put it another way, if an attacker overwrites the release_agent file, the kernel will be compelled to call an arbitrary programme set in release_agent with the highest possible permissions, thereby allowing a complete takeover of the machine.

It’s worth noting, however, that only processes with “root” rights can write to the file, implying that the flaw only allows root processes to raise their privileges.
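A defender-side audit of the two files described above, added here as an example (it is not code from Unit 42 or from the original article): it lists, for each cgroup v1 hierarchy, the configured release_agent and every cgroup whose notify_on_release is 1. The mount point /sys/fs/cgroup is an assumption, and the sample tree and the path /tmp/agent.sh are constructed.

```python
import os

def _read(path):
    """Return stripped file contents, or None if absent or unreadable."""
    try:
        with open(path) as fh:
            return fh.read().strip()
    except OSError:
        return None

def audit_cgroup_v1(root="/sys/fs/cgroup"):
    """Per v1 hierarchy: release_agent, cgroups with notify_on_release=1, and
    review=True when an agent is set and at least one cgroup would trigger it."""
    findings = []
    if not os.path.isdir(root):
        return findings
    for name in sorted(os.listdir(root)):
        hier = os.path.join(root, name)
        if os.path.islink(hier) or not os.path.isdir(hier):
            continue  # skip alias symlinks such as cpu -> cpu,cpuacct
        agent = _read(os.path.join(hier, "release_agent"))
        if agent is None:
            continue  # no release_agent file: not a v1 hierarchy root
        armed = sorted(
            os.path.relpath(d, hier)
            for d, _dirs, files in os.walk(hier)
            if "notify_on_release" in files
            and _read(os.path.join(d, "notify_on_release")) == "1"
        )
        findings.append({"hierarchy": name, "release_agent": agent,
                         "notify_cgroups": armed, "review": bool(agent) and bool(armed)})
    return findings

def build_sample_tree(base):
    """Constructed sample layout (not real host data) for an offline run."""
    files = {
        "memory/release_agent": "",
        "memory/notify_on_release": "0",
        "rdma/release_agent": "/tmp/agent.sh",  # constructed path
        "rdma/notify_on_release": "0",
        "rdma/x/notify_on_release": "1",
    }
    for rel, text in files.items():
        path = os.path.join(base, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(text + "\n")

if __name__ == "__main__":
    print(*audit_cgroup_v1(), sep="\n")
```

Run as a script it inspects the live host; a hierarchy reported with review set to True has both an agent path configured and a cgroup that will invoke it on becoming empty, so the agent path should be one the administrator recognises.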
