Check the status of CVEs. Learn More.
Keeping your systems up 100% of the time requires live patching. Our solutions will align strongly with your risk, compliance, and operational uptime requirements.
TuxCare is trusted by the most innovative companies across the globe.
Learn about TuxCare's modern approach to reducing cybersecurity risk with Blogs, White Papers, and more.
Continually increasing Cybersecurity, stability, and availability of Linux servers and open source software since 2009.
TuxCare provides live security patching for numerous industries. Learn how TuxCare is minimizing risk for companies around the world.
2x a month. No spam.
February 10, 2021 - TuxCare expert team
A new week, a new vulnerability announced. This time, it affects kernels starting from version 5.5-rc1 (November 2019) up 5.10.13 (February 2021).
This vulnerability is an improperly handled race condition in the AF_VSOCK implementation, a kernel facility available to unprivileged users that is shipped as a kernel module in all major distributions.It allows an unprivileged local user to write a malicious program that provides privilege escalation and full system access as a consequence.
It was introduced in the kernel as part of a patch that introduced multi-transport VSOCK support. This code would have locks in place that didn’t account for the possibility of a variable change on a different but related code path.
This specific kernel functionality (VSOCK) was not particularly affected by vulnerabilities over the years (only three kernel vulnerabilities mention VSOCK over the last 8 years), but it does raise the point that, wherever a security specialist digs deep enough, something ends up vulnerable.
This vulnerability was (responsibly) disclosed on the OSS-Security mailing list, and code patches fixing it have been merged as of version 5.10.13. The kernel being used on major distributions is receiving vendor-supplied patches.
If you prefer to patch it without waiting for a maintenance window or without rebooting your system, KernelCare is now receiving patches for this vulnerability that are applied without disruption. EL8 already has patches ready, the other supported distributions will receive them shortly as well.
A detailed article will be up in the blog soon.
Learn About Live Patching with TuxCare
End-of-life software is just a fact of our fast-paced technology...
Look, everyone knows that it’s a tough act. Thousands of...
The public sector, including state and federal agencies, are at...
If your organization deploys IoT solutions, you know that development...
We continue to look at the code issues that cause...
Catastrophic risks such as natural disasters and indeed cyberattacks require...