Linux Kernel Bug Allows Local-To-Root Privilege EscalationLinux Kernel Bug Allows Local-To-Root Privilege Escalation

Tens of millions of Linux servers, desktops, plus 66 percent of Android devices affected.

Sara Peters, Senior Editor

January 19, 2016

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Tens of millions of Linux PCs and servers and 66% of all Android devices are impacted by a  vulnerability in the Linux kernel that allows privilege escalation from local to root via a use-after-free attack, according to the research team at Perception Point.

Although no exploits for the bug have been seen in the wild yet, the vulnerability is far-reaching. According to Yevgeny Pats, co-founder and CEO of Perception Point, the bug affects all Linux kernels from release 3.8 and later, both 32-bit and 64-bit, operating on desktop, server, mobile, and embedded devices. 

The vulnerability, CVE-2016-0728, is a reference leak in the keyrings facility, where security data like encryption keys and authentication keys are stored.

Keyring objects can be shared between processes by referring to the same keyring name. The reference leak occurs when an error message is generated if a process tries to replace its current session keyring with the same one. 

Once the object is leaked, it can be leveraged in a use-after-free exploit that grants the attacker root access.

For more information, see the technical analysis at: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/

About the Author

Sara Peters

Sara Peters

Senior Editor

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law -- a collaborative project that investigated the dichotomy between laws regulating software vulnerability disclosure and those regulating Web vulnerability disclosure.


See more from Sara Peters
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Windows update screen on a laptop computer
Application Security
Microsoft's February Patch a Lighter Lift Than January'sMicrosoft's February Patch a Lighter Lift Than January's
byJai Vijayan, Contributing Writer
Feb 11, 2025
4 Min Read
Human finger pointing to the word "deepseek" in blue on a computer screen with the words "into the unknown" under it
Cyber Risk
DeepSeek AI Fails Multiple Security Tests, Raising Red Flag for BusinessesBiz Beware: DeepSeek AI Fails Multiple Security Tests
byElizabeth Montalbano, Contributing Writer
Feb 11, 2025
4 Min Read
Binary code floating trough space on an angle
Cyberattacks & Data Breaches
Salt Typhoon's Impact on the US & BeyondSalt Typhoon's Impact on the US & Beyond
byMichael McLaughlin, Jillian Cashand 1 more
Feb 11, 2025
4 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Events
More Events