Linux kernel bug could allow cyberattackers to access sensitive data

Researchers at Cisco Talos Intelligence Group have uncovered a vulnerability that exists in the Linux kernel. The research was posted in the Cisco Talos security news blog, and according to it, the vulnerability allows for information disclosure. An information disclosure vulnerability is more or less leakage of sensitive data that cyberattackers should not have access to. Cisco Talos describes the threat to the Linux kernel as follows:

This vulnerability specifically exists in the /proc/pid/syscall functionality of 32-bit ARM devices running Linux.

TALOS-2020-1211 (CVE-2020-28588) is an information disclosure vulnerability that could allow an attacker to view Kernel stack memory . We first discovered this issue on an Azure Sphere device (version 20.10), a 32-bit ARM device that runs a patched Linux kernel.

An attacker could exploit this vulnerability by reading /proc/<pid>/syscall, a legitimate Linux operating system file — making it impossible to detect on a network remotely. If utilized correctly, an attacker could leverage this information leak to successfully exploit additional unpatched Linux vulnerabilities.

According to the researchers who found the bug, Lilith >_> and Claudio Bozzato of Cisco Talos, there is a patch for this vulnerability that is recommended to be installed as soon as possible. The Linux kernel versions 5.10-rc4, 5.4.66, and 5.9.8 are the specific variants affected by (CVE-2020-28588).

Of the vulnerabilities that occur in Linux, kernel bugs are fairly sparse. The good thing about the Linux operating system, and why many cybersecurity professionals prefer it, is that its decentralized, open-source infrastructure allows for severe bugs to be found quickly. The code is available to anyone, and as a result, it can be parsed for any issues that may affect the user base as a whole. Closed-source technology (such as Apple OS) always requires a number of hoops to jump through before proper bug hunting can begin.

Do not delay: Patch your system immediately if you run any of the affected versions.

Featured image: Pixabay

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top