An information disclosure vulnerability in the Linux kernel can be exploited to leak kernel memory and serve as a springboard for further compromise.
Revealed by researchers at Cisco Talos on Tuesday, the security flaw is described as an information disclosure vulnerability “which could allow an attacker to view kernel stack memory.”
The kernel is the core component of the open source Linux operating system. The vulnerability, tracked as CVE-2020-28588, was discovered in the /proc/<pid>/syscall functionality of 32-bit Arm devices running the OS.
According to Cisco, the problem was first discovered on a device running Azure Sphere. An attacker seeking to exploit the flaw could have read the /proc/<pid>/syscall file through procfs, the pseudo-filesystem that exposes kernel data structures to user space.
Reading the /proc/<pid>/syscall procfs entry caused the kernel to output 24 bytes of uninitialized kernel stack memory, which could be used to bypass Kernel Address Space Layout Randomization (KASLR).
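The following is an added example, not kernel code and not part of the article: a user-space model of why exactly 24 bytes leaked and of the shape of the fix. The kernel stores the six syscall arguments for this file in a 64-bit array; on 32-bit Arm that array was filled through a cast to a pointer to 32-bit longs, so only 6 x 4 = 24 of its 48 bytes were written and the rest kept stale stack contents. The struct and function names are hypothetical, and `uint32_t` stands in for a 32-bit `unsigned long` so the model runs on any host.

```c
/* Added example, not the kernel's code: user-space model of the
 * CVE-2020-28588 bug class and its fix. uint32_t stands in for a
 * 32-bit unsigned long so the model runs on any host. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NARGS 6
#define STALE 0xAA   /* constructed stand-in for leftover kernel stack data */

struct syscall_info_model {   /* hypothetical name; args are 64-bit as in the kernel */
    int nr;
    uint64_t args[NARGS];
};

/* Model of the 32-bit arch hook: writes six 32-bit registers through a 32-bit pointer. */
static void get_args_32(const uint32_t *regs, uint32_t *args)
{
    memcpy(args, regs, NARGS * sizeof(args[0]));
}

/* Buggy shape: the 64-bit array is handed over through a 32-bit pointer cast,
 * so only its first 6 x 4 = 24 bytes are written; the other 24 stay stale. */
void collect_buggy(const uint32_t *regs, struct syscall_info_model *info)
{
    get_args_32(regs, (uint32_t *)&info->args[0]);
}

/* Fixed shape: zeroed local array of the native width, then element-wise
 * widening, so every byte of the 64-bit array is defined before it is printed. */
void collect_fixed(const uint32_t *regs, struct syscall_info_model *info)
{
    uint32_t args[NARGS] = { 0 };
    get_args_32(regs, args);
    for (size_t i = 0; i < NARGS; i++)
        info->args[i] = args[i];
}

/* Fills the struct with STALE, runs 'collect', and returns how many bytes of
 * info.args still hold STALE: the amount of "stack" a reader of the file would see. */
size_t stale_bytes(void (*collect)(const uint32_t *, struct syscall_info_model *))
{
    static const uint32_t regs[NARGS] = { 1, 2, 3, 4, 5, 6 };  /* constructed */
    struct syscall_info_model info;
    size_t n = 0;
    memset(&info, STALE, sizeof info);
    collect(regs, &info);
    const unsigned char *p = (const unsigned char *)info.args;
    for (size_t i = 0; i < sizeof info.args; i++)
        n += (p[i] == STALE);
    return n;   /* 24 for collect_buggy, 0 for collect_fixed */
}
```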
An “impossible to detect remotely on a network” attack
The researchers claim that this attack would be “impossible to detect remotely on a network” because it consists of nothing more than reading a legitimate file on the Linux operating system.
“Used correctly, this security flaw could allow an attacker to take advantage of this information leak to successfully exploit other unpatched Linux vulnerabilities,” Cisco adds.
Linux kernel versions 5.10-rc4, 5.4.66, and 5.9.8 are affected, and a patch was released on December 3 to address the issue. Users are encouraged to update their builds to the most recent versions.