[$] The Sequoia seq_file vulnerability

Post Syndicated from jake original https://lwn.net/Articles/863729/rss

A local root hole in the Linux kernel, called Sequoia, was disclosed
by Qualys
on July 20. A full system compromise is possible until
the kernel is patched (or mitigations that may not be fully effective are applied). At
its core, the vulnerability relies on a path through the kernel where
64-bit size_t values are “converted” to signed integers, which effectively
results in an overflow. The flaw was reported to Red Hat on June 9,
along with a local
systemd
denial-of-service vulnerability
, leading to a kernel crash, found at the same time.
Systems with untrusted local users need updates for both problems applied as soon as
they are available—out of
an abundance of caution, other systems likely should be updated as well.