Normalmente, as distribuições Linux kernel são todos feitos para ser seguro por design. Mas enquanto há código, there will be bugs and most Linux distributions are notorious for the numerous bugs that they have had over the years. In this article we will show you 5 of the most annoying and dangerous Linux bugs that have come out in the last couple of years.
“Dirty Cow” Bug
Probably the most notorious Linux privilege escalation bug, “Dirty Cow” plagued Linux operating systems, giving hackers privilege to write to the read-only memory of Linux, where are the most important system functions. De lá, the abbreviation COW (copy on write) was included in the name of the virus. The most shocking part of all, is that the bug existed for up to 9 anos, before it was fixed, which is quite shocking and scary. The most dangerous part of it however is that it only takes a local user to access the system – shell accounts, por exemplo.
The “Network Manager”Bug
This bug is a very annoying one and it was mainly characterized as how widespread it can become for a small time-frame. This is because if the bug appears on one Linux distribution, it automatically passes on to other Linux distros. The danger comes not from the fact that the bug is actually harmless for the files, but that it directly liquidates the network of the distribution, cutting out the Wi-Fi connection. The methods to solve this bug is to either reinstall the distribution or let the OS to enter sleep mode.
CVE-2016-5195 – Privilege Escalation Bug Still Used Today
Being a very serious Linux vulnerability, this bug’s usage has resulted in multiple different privilege escalation which can lead to code-execution. And while the bug was patched somewhere around October 2016, many still feel concerned about the Linux distributions which are unpatched, because this vulnerability could lead to providing greater control over the Linux machines. The most targeted vendors by the vulnerability were Linux-based Web hosting providers who also give ability to use Shell access. This results in an infected user to compromise other neighbor users in the network. But it is not limited to other neighboring users, the vulnerability can even gain access to administrator machines. The vulnerability was discovered by Phil Oester, who stumbled upon the exploit, while using HTTP packet capturing software.
CVE-2014-0196 – The Five Year Bug
This bug is closely related to the memory-corruption of the Linux machine and it was released into public after the year 2009. It allows users with no privilege on the Linux machine to crash and enter malicious code on the compromised machine. The bug was discovered to be located in the n_tty_write function which is responsible for controlling an aspect of the pseudo tty in Linux machines. It has been reported to exist in various Linux distributions widely used at that time. The worse part of it, is that it wasn’t patched until 5 years after it’s discovery, giving it the nickname, “The 5 Year Old Bug”.
CVE-2016-10229 – Linux Remote Root Flow
This UDP exploiting flaw was discovered by Eric Dumazet a Google researcher who exposed that this flaw could be used to attack a system remotely and hijack the kernel box. Since the hacker has to go through a lot of pain, like create custom packers and trigger checksum operations, it has been categorized to not be as dangerous as initially though. Contudo, it’s proper configuration could have led to administrator users to be stripped of their privileges on Ubuntu and Debian distributions.