Five Year Old Flaw Fixed In Linux Kernel

Linux kernel developers have discovered and patched a vulnerability that had been present in the code for the past five years.

CVE-2014-0196 is a serious code-execution bug that could allow an attacker to run malicious code on vulnerable systems, or simply crash them. Due to its properties, it is especially dangerous to computers in a shared hosting environment.

Now, the fix needs to make its way into various Linux distributions, with Ubuntu among the first to report compliance.

It’s been a long time

The vulnerability in the ‘pseudo tty’ (pty) device, discovered by Jiri Slaby, was introduced into the Linux kernel in version 2.6.31-rc3, which was released way back in 2009. It allows an attacker to corrupt memory to cause denial of service, or gain administrator privileges to enable data theft.

Dan Rosenberg, a senior security researcher at Azimuth Security, told Ars Technica that it could also be used in multi-stage attacks that exploit a variety of bugs and give the attacker complete control over a target system.

Rosenberg added that this could be the most serious bug discovered in the kernel code for a few years.

Since the vulnerability requires the attacker to have a local user account, it poses a particular threat to shared public cloud servers.

According to Marsh Ray, an authentication expert at Microsoft, the vulnerability also affects non-Linux projects based on the kernel, including Android and ChromeOS.

Canonical has already released a relevant patch for Ubuntu, while Red Hat said its Enterprise Linux 5 does not contain the vulnerability. A patch for RHEL 6 is currently in development. Debian said these problems have been fixed in version 7 of its distribution codenamed ‘Wheezy’, but still remain in the unstable version codenamed ‘Sid’.

System administrators are advised to update their Linux distributions as soon as possible. A proof-of-concept exploit based on CVE-2014-0196 has been published.

Last month, security researchers patched a serious vulnerability in the popular OpenSSL cryptographic library that they say has left its users exposed for more than two years.


Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.
