Linux ALSA Vulnerability

[Dr R]

There isn't a LINUX group on the forums, so this seems the best place to post this, copied from my organisation's regular security bulletin:

"
Linux vulnerable to privilege escalation
THREAT CATEGORY:VULNERABILITY EXPLOIT / INDUSTRY:GENERAL / COUNTRY/REGION:GLOBAL

An advisory from Cisco issued on October 13th, gave us the heads-up on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA). A vulnerability in the Linux Kernel could allow a local attacker to gain elevated privileges on a targeted system. The vulnerability is due to a use-after-free memory error in the ALSA sequencer interface of the affected application. An attacker could exploit this vulnerability by running a crafted application on a targeted system. A successful exploit could allow the attacker to gain elevated privileges on the targeted system. Kernel.org has confirmed the vulnerability. A patch is available. To exploit this vulnerability, the attacker must have local access to the targeted system. This access requirement may reduce the likelihood of a successful exploit.

Analyst Comment:
There is currently limited information on this vulnerability and Linux software vendors are still investigating whether their products are affected. Based on the vulnerability that is being exploited, an attacker would need at least a regular user account on the target system in order to exploit this vulnerability to escalate his or her privileges. Therefore, this vulnerability is likely used as part of the post exploitation phase once the attack has managed to gain access to the victim's environment through other means.

Reference:
[www.theregister.co.uk, 16 Oct 2017]
https://www.theregister.co.uk/2017/10/15/advanced_linux_sound_architecture_vulnerable_to_privilege_escalation/
"

Crafting malware for Linux sound applications is pretty niche compared to mass-mailing MS-Word Trojans, but if there are organisations using Linux in their commercial workflow then it's a route in to steal intellectual property.

Regards,

Rich

[Hugh Robjohns]

There isn't a LINUX group on the forums, so this seems the best place to post this...

I thought LINUX was an OS... so wouldn't the 'APPS & OTHER COMPUTERS/OS' forum be more appropriate?

That's where I've moved it anyway!

H

[Folderol]

"To exploit this vulnerability, the attacker must have local access to the targeted system."

That sentence underlines that it is rather difficult for anyone to actually do this unless they are either sitting at the machine, or have been specifically given remote access.

[Dr R]

Not sure quite how I missed this forum Hugh, but thanks for moving the post.

Agreed it's a hard attack vector to exploit, but being aware is better than being ignorant. The more worrying issue is the flaw in the standard implementation of WiFi encryption used in practically every device on the planet.
http://www.bbc.co.uk/news/technology-41635516

I have a tin foil hat, but don't wear it as it makes me look unbalanced

R