A programming bug in the Linux kernel’s user-space crypto API can be exploited by attackers to gain root privileges on a target system. Worse still, several kernel security scene observers also suspect that the use after free memory error could also be exploited by the attacker to execute arbitrary malicious code. For this reason, the vulnerability (CVE-2019-8912) in the NIST’s National Security of Information Database (NIST) is 9.8 out of 10 possible – a critical gap.
All Linux kernels seem to be affected by the introduction of the module af_ag in the 2.6 kernel up to the current version 4.20.11. Although apparently only versions 4.10 and up are vulnerable, because a function that is necessary to exploit the error, was only then installed. Patches for the vulnerability have already been added to current development kernel releases. In which release versions the fix finally lands, is not yet known. Observers expect the bug fix to also feed into older kernel versions than Backport, as only a relatively small change is needed to close the vulnerability.
Submitted by: Arnfried Walbrecht