CLONE_FS chroot exploit Security issue

Solution Unverified - Updated -

Environment

  • Red Hat Enterprise Linux

Issue

A new critical Linux exploit was discovered and we need to check if it exploits our environment (currently running RHEL-5.9, 6.2 and 6.3). This new exploit will help a hacker to clone a root user using a specific library.
http://stealth.openwall.net/xSports/clown-newuser.c

Resolution

CVE-2013-1858 is related to 'http://stealth.openwall.net/xSports/clown-newuser.c' and is the official Red Hat CVE for the privilege escalation flaw in question.

(CVE-2013-1858) CVE-2013-1858 kernel: CLONE_NEWUSER | CLONE_FS chroot exploit
https://bugzilla.redhat.com/show_bug.cgi?id=921448

Our Security Response Team checked it and verified that this issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2.
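
To confirm this on a given host, an administrator can run the following check as an unprivileged user. It is an added example, not Red Hat's code; `classify` and `probe` are hypothetical names. It asks the kernel for the `CLONE_NEWUSER | CLONE_FS` flag pair named in the CVE title and reports how the kernel answers. Kernels without user namespace support, and kernels carrying the upstream fix, return `EINVAL`.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef CLONE_FS                 /* fallbacks for old headers (kernel UAPI values) */
#define CLONE_FS 0x00000200
#endif
#ifndef CLONE_NEWUSER
#define CLONE_NEWUSER 0x10000000
#endif

enum verdict { REJECTED, BLOCKED, ACCEPTED, UNKNOWN };

/* Interpret the clone() return value and errno (hypothetical helper). */
enum verdict classify(long ret, int err)
{
    if (ret >= 0)      return ACCEPTED; /* kernel allowed the flag pair */
    if (err == EINVAL) return REJECTED; /* no userns support, or pair refused */
    if (err == EPERM)  return BLOCKED;  /* caller may not create user namespaces */
    return UNKNOWN;                     /* e.g. ENOMEM: says nothing either way */
}

/* Request the flag pair and classify the answer. The raw syscall behaves like
 * fork() here; argument order assumed to be the x86/ARM one (flags first). */
enum verdict probe(void)
{
    long pid = syscall(SYS_clone, CLONE_NEWUSER | CLONE_FS | SIGCHLD, 0, 0, 0, 0);
    int err = errno;
    if (pid == 0) _exit(0);             /* child does nothing; only the result matters */
    if (pid > 0) waitpid((pid_t)pid, NULL, 0);
    return classify(pid, err);
}

int main(void)
{
    static const char *msg[] = {
        "rejected (EINVAL): kernel does not accept CLONE_NEWUSER|CLONE_FS",
        "blocked (EPERM): this user cannot create user namespaces",
        "ACCEPTED: kernel allows CLONE_NEWUSER|CLONE_FS, compare with vendor advisory",
        "inconclusive: unexpected error from clone()",
    };
    enum verdict v = probe();
    puts(msg[v]);
    return v == ACCEPTED;               /* non-zero exit flags hosts needing review */
}
```

The non-zero exit status on `ACCEPTED` lets the check be run across a fleet from a configuration-management job and filtered on failures.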
