A Vulnerability in Linux Kernel Could Allow for Data Overwrite in Arbitrary Read-Only Files
MS-ISAC ADVISORY NUMBER:
2022-030DATE(S) ISSUED:
03/08/2022OVERVIEW:
A vulnerability has been discovered in the Linux kernel, which could allow for data overwrite in arbitrary read-only files by non-privilege users. Linux is a family of open-source Unix-like operating systems based on the Linux kernel. Successful exploitation of this vulnerability could allow for root privilege escalation.
SYSTEMS AFFECTED:
- Linux Kernels version 5.8 to 5.16.10, 5.15.24 and 5.10.101
RISK:
Government:
Businesses:
Home Users:
TECHNICAL SUMMARY:
A vulnerability has been discovered in the Linux kernel, which could allow for data overwrite in arbitrary read-only files by non-privilege users. Linux is a family of open-source Unix-like operating systems based on the Linux kernel. Successful exploitation of this vulnerability could allow for root privilege escalation through the editing of administrative files such as /etc/passwd.
RECOMMENDATIONS:
We recommend the following actions be taken:
- Update affected systems to kernel versions that have remediated the vulnerability.
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
- Apply the Principle of Least Privilege to all systems and services.