Author: Melodie Foster
Date: 15th March 2021
Three flaws have been found in the iSCSI module of the Linux kernel. The module is used for accessing shared data storage facilities, and the flaws could give root privileges to an attacker with a user account. They have existed in the Linux code since 2006 and have only recently been discovered.
The three vulnerabilities can allow a hacker with basic user privileges to bypass exploit-blocking security features, which can lead to elevation of privileges, information leaks and denial of service. However, the vulnerable module isn’t as prevalent as it once was and therefore isn’t loaded by default. Furthermore, the flaw is in a section of code that is not remotely accessible, so an attacker would need physical access to be able to exploit it.
However, the Linux kernel loads modules either when new hardware is detected or when a kernel function detects that a module is missing, so an attacker can get the module loaded and then exploit it for privilege escalation.
It is therefore recommended to update to the latest kernel versions in which the flaws have been fixed: 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, and 4.4.260. Older kernels have reached end-of-life and won’t receive patches.
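To check a host against the fixed releases listed above, the following added example (not code from the kernel project or from this article's author) compares a kernel release string with the fixed release for its stable series. The function name `kernel_status` and its three result words are assumptions made for this example. It also assumes an upstream stable kernel: distribution kernels often backport fixes without changing the upstream version number, so a "vulnerable" result on a distribution kernel should be confirmed against the vendor's advisory.

```shell
#!/bin/sh
# Fixed releases, one per stable series, copied from the list in the article.
FIXED="5.11.4 5.10.21 5.4.103 4.19.179 4.14.224 4.9.260 4.4.260"

# kernel_status RELEASE
# Prints one of:
#   patched    - same series as a listed release, patch level at or above it
#   vulnerable - same series as a listed release, patch level below it
#   unlisted   - series not in the article's list (or the string is unparsable)
kernel_status() {
    ver=${1%%[!0-9.]*}              # "5.10.19-generic" -> "5.10.19"
    case $ver in
        *.*) ;;
        *)   echo unlisted; return 0 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    case $rest in
        *.*) patch=${rest#*.}; patch=${patch%%.*} ;;  # ignore a 4th component
        *)   patch=0 ;;                               # "5.10" means 5.10.0
    esac
    patch=${patch:-0}

    for f in $FIXED; do
        if [ "${f%.*}" = "$major.$minor" ]; then
            if [ "$patch" -ge "${f##*.}" ]; then
                echo patched
            else
                echo vulnerable
            fi
            return 0
        fi
    done
    echo unlisted
}

# Report on the running kernel.
kernel_status "$(uname -r)"
```

An "unlisted" result means the article gives no fixed release for that series, so the answer has to come from the kernel or distribution changelog instead.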