Author: Melodie Foster
Date: 31st March 2021
Two vulnerabilities in Linux have been disclosed that could let attackers bypass mitigations put in place for speculative execution attacks such as Spectre and access information from kernel memory.
Although the flaws were given a CVSS score of 5.5 out of 10, making them medium severity, they can be abused to obtain content from any location within kernel memory. They can bypass the countermeasures put in place for the earlier Spectre and Meltdown vulnerabilities, which abused flaws in processors to leak data. Because those fixes were made at the operating system level rather than addressing the underlying issue, the two new flaws were able to take advantage of the kernel’s support for a network packet filter to grab the contents of kernel memory.
If successfully exploited, these vulnerabilities could allow an attacker to obtain information from other users sharing the same vulnerable machine.
Patches were released last week. The vulnerabilities affect all Linux kernel versions prior to 5.11.8, so upgrading to the latest version is recommended.