Linux Vulnerabilities Could Lead to Attackers Gaining Root Privileges

Author: Melodie Foster

Date: 15th March 2021

Three flaws have been found in the Linux kernel within the iSCSI module. This module is used for accessing shared data storage facilities and could allow root privileges for an attacker with a user account. These flaws have existed in Linux code since 2006 and have only recently been discovered.

The three vulnerabilities can allow a hacker with basic user privileges to bypass exploit-blocking security features which can lead to: elevation of privileges, leaking information and denials of service. However, the vulnerable module isn’t as prevalent as it once was and therefore isn’t loaded by default. Furthermore, the flaw is in a section of code that is not remotely accessible so an attacker would need physical access to be able to exploit it.

However, since the Linux kernel will either load modules because of new hardware being detected or because a kernel function has detected a missing module, an attacker can load the module and exploit it for privilege escalation.

It is therefore recommended to update to the latest versions of kernel where the flaw has been fixed which are: 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, and 4.4.260. Older kernels have reached end-of-life and won’t receive patches[1].

[1] https://www.scmagazine.com/home/security-news/vulnerabilities/three-flaws-that-sat-in-linux-kernel-since-2006-could-deliver-root-privileges-to-attackers/

Other resources

Cyberfort Colocation Services

Cyberfort has invested heavily in secure infrastructure, making us the perfect colocation service provider to host your mission-critical, sensitive and regulated data.
Find out more >

What can Cyberfort do for you?

Check out our factsheets for detailed information on the matrix of cybersecurity products and services we offer to protect your business.
Find out more >

Cyberfort Deep Dives

Cyberfort’s cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >

Cookie Name	Expiration Time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_gat	1 minute	Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

_gac_<property-id>	90 days	Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.
__hstc	13 months	The main cookie for tracking visitors.
hubspotutk	13 months	This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
__hssc	30 minutes	This cookie keeps track of sessions.
__hssrc	End of session	Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.

Linux Vulnerabilities Could Lead to Attackers Gaining Root Privileges

Author: Melodie Foster

Date: 15th March 2021

Other resources

Cyberfort Colocation Services

What can Cyberfort do for you?

Cyberfort Deep Dives

Recent Posts

Recent Comments

Archives

Categories

Meta