Article 747AM A set of AppArmor vulnerabilities

by corbet from LWN.net on (#747AM)

Qualys has sent out a somewhat breathless advisory describing a number of vulnerabilities in the AppArmor security module, which is used in a number of Debian-based distributions (among others).

This "CrackArmor" advisory exposes a confused-deputy flaw allowing unprivileged users to manipulate security profiles via pseudo-files, bypass user-namespace restrictions, and execute arbitrary code within the kernel. These flaws facilitate local privilege escalation to root through complex interactions with tools like Sudo and Postfix, alongside denial-of-service attacks via stack exhaustion and Kernel Address Space Layout Randomization (KASLR) bypasses via out-of-bounds reads.