Wednesday May 25th 2016

Linux Kernel eCryptfs vulnerability

Due to a vulnerability in the Linux kernel, a local attacker on a system with Linux kernel series 2.6 could crash the system to deny service to legitimate users or possibly obtain root privileges.

Security Lab say the vulnerability is in fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before allows local users to cause a denial of service (fault or memory corruption), and possibly have some other unspecified impact, by making a readlink call that results in an error. The error leads to the call's -1 return value being used as an array index. For those who compile their own kernel builds, there is a three-line patch. The issue is fixed in the recently released version of the Linux kernel. According to an advisory on Security Focus, how an exploit might be developed is apparently still unclear, and to date there are no known exploits.
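The bug class described above, shown as an added user-space example using POSIX readlink(); it is not the kernel's fs/ecryptfs/inode.c code or its patch. The function names and the /tmp path are hypothetical, and the inputs are constructed.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Unchecked, for contrast only (never called): n == -1 turns buf[n] into buf[-1]. */
ssize_t link_target_unchecked(const char *path, char *buf, size_t bufsiz)
{
    ssize_t n = readlink(path, buf, bufsiz - 1);
    buf[n] = '\0';                  /* BUG: n may be -1 */
    return n;
}

/* Checked pattern: validate the result before it is used as an index. */
ssize_t link_target_checked(const char *path, char *buf, size_t bufsiz)
{
    if (bufsiz == 0)
        return -EINVAL;
    ssize_t n = readlink(path, buf, bufsiz - 1);
    if (n < 0)
        return -errno;              /* propagate the error, write nothing */
    buf[n] = '\0';                  /* 0 <= n <= bufsiz - 1: in bounds */
    return n;
}

/* Constructed input: "/" is not a symlink, so readlink() fails with EINVAL. */
int demo_error_path(void)
{
    char buf[64] = "untouched";
    return link_target_checked("/", buf, sizeof buf) == -EINVAL && buf[0] == 'u';
}

/* Constructed input: a temporary symlink whose target text is known. */
int demo_success_path(void)
{
    char path[64], buf[64];
    snprintf(path, sizeof path, "/tmp/readlink_demo_%ld", (long)getpid());
    if (symlink("constructed-target", path) != 0)
        return 0;
    ssize_t rc = link_target_checked(path, buf, sizeof buf);
    unlink(path);
    return rc == (ssize_t)strlen("constructed-target") && strcmp(buf, "constructed-target") == 0;
}

int main(void)
{
    printf("error ok=%d, success ok=%d\n", demo_error_path(), demo_success_path());
    return 0;
}
```
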

eCryptfs is now an option for some Linux distributions such as Ubuntu 8.10 “Intrepid Ibex”. It adds metadata to a normal file to allow for transparent, portable encryption and decryption of the file.
