The Most Notorious Linux Bugs and Vulnerabilities (Exploits) - How to, Technology and PC Security Forum | SensorsTechForum.com

Linux distributions are generally built to be secure by design. But as long as there is code, there will be bugs, and most Linux distributions are notorious for the numerous bugs they have had over the years. In this article we show you 5 of the most annoying and dangerous Linux bugs to come out in the last couple of years.

“Dirty Cow” Bug

Probably the most notorious Linux privilege escalation bug, “Dirty Cow” plagued Linux operating systems by letting attackers write to Linux's read-only memory, where the most important system functions reside. That is where the abbreviation COW (copy on write) in the bug's name comes from. Most shocking of all, the bug existed for up to 9 years before it was fixed. The most dangerous part, however, is that exploiting it only requires local user access to the system, such as a shell account.

The “Network Manager” Bug

This bug is a very annoying one, characterized mainly by how widespread it can become in a short time frame. This is because if the bug appears on one Linux distribution, it automatically passes on to other Linux distros. The bug is harmless to files; the danger is that it takes down the distribution's networking, cutting out the Wi-Fi connection. The ways to resolve this bug are to either reinstall the distribution or let the OS enter sleep mode.

CVE-2016-5195 – Privilege Escalation Bug Still Used Today

This is a very serious Linux vulnerability whose use has resulted in multiple different privilege escalations, which can lead to code execution. While the bug was patched around October 2016, many are still concerned about unpatched Linux distributions, because the vulnerability could give an attacker greater control over Linux machines. The vendors most targeted through the vulnerability were Linux-based web hosting providers that also offer shell access. There, one compromised user can compromise neighboring users on the network. It is not limited to neighboring users, either: the vulnerability can even be used to gain access to administrator machines. The vulnerability was discovered by Phil Oester, who stumbled upon the exploit while using HTTP packet capturing software.

CVE-2014-0196 – The Five Year Bug

This bug is a memory-corruption flaw in Linux, and it was released to the public after the year 2009. It allows users with no privileges on the Linux machine to crash it and run malicious code on the compromised machine. The bug was found in the n_tty_write function, which controls an aspect of the pseudo tty on Linux machines. It has been reported to exist in various Linux distributions widely used at that time. The worst part is that it wasn’t patched until 5 years after its discovery, giving it the nickname “The 5 Year Old Bug”.

CVE-2016-10229 – Linux Remote Root Flaw

This UDP flaw was discovered by Eric Dumazet, a Google researcher, who showed that it could be used to attack a system remotely and hijack the machine's kernel. Since the attacker has to go through a lot of pain, such as creating custom packets and triggering checksum operations, it has been categorized as less dangerous than initially thought. However, properly configured, it could have led to administrator users being stripped of their privileges on Ubuntu and Debian distributions.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.
