Security researchers have released a new proof-of-concept (PoC) exploit that affects all versions of the Linux operating system. The exploit was discovered by UK-based security firm Rhino Security Labs and developed by Justine Cole, a security engineer at the firm. According to Justine, the exploit affects systems running on Unix-like operating systems such as Linux.
The recently released PoC exploit is based on an old vulnerability present in most implementations of the Linux kernel, which allows an attacker to gain unrestricted root access to the system. According to the researchers, the vulnerability affects all Linux kernel versions, including versions such as Red Hat Enterprise Linux 6.x, Ubuntu 14.04.x, CentOS 6.x, and Debian 7.x. Moreover, the vulnerability is also present in some Android-based devices as well as embedded Linux systems.
In order to exploit the vulnerability, the attackers must have a valid system user account. However, once the attacker logs in to the system, the exploit will enable them to gain unrestricted root access to the system, allowing them to take control of the targeted machine. The researchers have also released a detailed walkthrough for analyzing the security vulnerability, as well as a demo video demonstrating the exploit. The researchers have also stated that they have not yet released the source code of the exploit, as they believe it might be used for malicious purposes.
The security researchers have urged all users to update their systems with the latest security patches and to take additional security measures to protect their systems from exploitation. Organizations should also consider deploying additional security measures such as awareness training, incident response plans, or hiring a third-party security team to help identify and patch any security weaknesses.
This Cyber News was published on thehackernews.com. Publication date: Thu, 26 Jan 2023 16:07:02 +0000