How to fix the local rights loophole CVE-2017-16995 in linux kernel 02/24 Update SLTechnology News&Howtos

How to fix the local rights loophole CVE-2017-16995 in linux kernel

2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)06/01 Report--

How to fix the linux kernel local rights vulnerability CVE-2017-16995, I believe that many inexperienced people do not know what to do, so this paper summarizes the causes of the problem and solutions, through this article I hope you can solve this problem.

Overview of vulnerabilities

Jann Horn found that in the implementation of Berkeley Packet Filter (BPF) in the kernel, the check_alu_op function in the kernel/bpf/ verifier.c source code from version 4.14.8 of the Linux kernel enabled incorrect symbolic extension, which could lead to arbitrary read and write vulnerabilities in memory. Ordinary users can take advantage of this loophole to implement arbitrary code and obtain local rights raising operation.

Recently, the Linux kernel vulnerability exploit code of CVE-2017-16995 has been released:

Affect the version

Linux Kernel Version 4.14 v4.4 (mainly Debian and Ubuntu distributions)

View kernel version information

Cat / proc/version

Impact of ubuntu version

Please refer to https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16995.html for more information

Redhat series are not affected

The author breathed a sigh of relief and just watched the fun.

Repair recommendations:

At present, there is no clear patch upgrade plan. It is recommended that users restrict the use of bpf (2) system calls by ordinary users by modifying kernel parameters after assessing the risk:

$sudo sysctl kernel.unprivileged_bpf_disabled=1

$echo kernel.unprivileged_bpf_disabled=1 | sudo tee / etc/sysctl.d/90-CVE-2017-16995-CVE-2017-16996.conf

With regard to upgrade patches, some ubuntu versions have provided the links listed in the previous section, and upgrades can be arranged as appropriate.

After reading the above, do you know how to fix the local rights raising vulnerability CVE-2017-16995 in the linux kernel? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.