Zero Day Flaw in Linux Kernal, Millions of Linux Servers Affected

Recently Perception Point Research team was identified a zero-day local privilege escalation vulnerability in the Linux kernel,the vulnerability has existed since 2012.

This vulnerability has implications for approximately tens of millions of 32-bit and 64-bit using Linux PCs and servers.

The most bothersome part is that the problem affects Android versions KitKat and higher, which means about 66 percent of all Android devices are also exposed to the serious Linux kernel flaw.

The vulnerability affects any Linux Kernel version 3.8 and higher.  SMEP & SMAP will make it difficult to exploit as well as SELinux on android devices. 

list of affected Linux distros:

Red Hat Enterprise Linux 7
CentOS Linux 7
Scientific Linux 7
Debian Linux stable 8.x (jessie)
Debian Linux testing 9.x (stretch)
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
Ubuntu Linux 14.04 LTS (Trusty Tahr)
Ubuntu Linux 15.04 (Vivid Vervet)
Ubuntu Linux 15.10 (Wily Werewolf)
Opensuse Linux LEAP and version 13.2

How to fix it on Linux?

Type the commands as per your Linux distro. You need to reboot the box. Before you apply patch, note down your current kernel version:

$ uname -a
$ uname -mrs

Sample outputs:

Linux 3.13.0-74-generic x86_64

Debian or Ubuntu Linux
$ sudo apt-get update && sudo apt-get upgrade && apt-get dist-upgrade

Sample outputs:

Reading package lists… Done
Building dependency tree
Reading state information… Done
Calculating upgrade… Done
The following packages were automatically installed and are no longer required:
  git-man liberror-perl
Use ‘apt-get autoremove’ to remove them.
The following NEW packages will be installed:
  linux-headers-3.13.0-76 linux-headers-3.13.0-76-generic
  linux-image-3.13.0-76-generic linux-image-extra-3.13.0-76-generic
The following packages will be upgraded:
  linux-generic linux-headers-generic linux-image-generic
3 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 61.6 MB of archives.
After this operation, 271 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 trusty-security/main linux-image-3.13.0-76-generic amd64 3.13.0-76.120 [15.2 MB]
Get:2 trusty-security/main linux-image-extra-3.13.0-76-generic amd64 3.13.0-76.120 [36.8 MB]
Get:3 trusty-security/main linux-generic amd64 [1,780 B]

Setting up linux-image-extra-3.13.0-76-generic (3.13.0-76.120) …
run-parts: executing /etc/kernel/postinst.d/apt-auto-removal 3.13.0-76-generic /boot/vmlinuz-3.13.0-76-generic
run-parts: executing /etc/kernel/postinst.d/dkms 3.13.0-76-generic /boot/vmlinuz-3.13.0-76-generic
run-parts: executing /etc/kernel/postinst.d/initramfs-tools 3.13.0-76-generic /boot/vmlinuz-3.13.0-76-generic
update-initramfs: Generating /boot/initrd.img-3.13.0-76-generic
run-parts: executing /etc/kernel/postinst.d/zz-update-grub 3.13.0-76-generic /boot/vmlinuz-3.13.0-76-generic
Generating grub configuration file …
Found linux image: /boot/vmlinuz-3.13.0-76-generic
Found initrd image: /boot/initrd.img-3.13.0-76-generic
Found linux image: /boot/vmlinuz-3.13.0-74-generic
Found initrd image: /boot/initrd.img-3.13.0-74-generic
  No volume groups found
Setting up linux-image-generic ( …
Setting up linux-headers-3.13.0-76 (3.13.0-76.120) …
Setting up linux-headers-3.13.0-76-generic (3.13.0-76.120) …
Examining /etc/kernel/header_postinst.d.
run-parts: executing /etc/kernel/header_postinst.d/dkms 3.13.0-76-generic /boot/vmlinuz-3.13.0-76-generic
Setting up linux-headers-generic ( …
Setting up linux-generic ( …
Reboot the server:
$ sudo reboot

RHEL / CentOS Linux
The package will be released soon on both CentOS and RHEL 7:

$ sudo yum update
$ reboot


You need to make sure your version number changed:

$ uname -a
$ umame -mrs

Leave a Reply

Your email address will not be published. Required fields are marked *