Remote No

Type Privilege escalation

Description

A race condition flaw was found in the N_HLDC Linux kernel driver when accessing the n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to crash the system or increase their privileges on the system.

AVG-203 linux-zen 4.10.1-1 4.10.2-1 High Fixed FS#53242

AVG-201 linux-grsec 1:4.9.13.r201702261126-1 1:4.9.14.r201703121245-1 High Fixed FS#53242

AVG-200 linux-lts 4.9.13-1 4.9.14-1 High Fixed FS#53242

AVG-192 linux 4.10.1-1 4.10.2-1 High Fixed FS#53242

14 Mar 2017 ASA-201703-8 AVG-192 linux High privilege escalation

13 Mar 2017 ASA-201703-7 AVG-201 linux-grsec High privilege escalation

12 Mar 2017 ASA-201703-6 AVG-200 linux-lts High privilege escalation

16 Mar 2017 ASA-201703-13 AVG-203 linux-zen High privilege escalation

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=82f2341c94d270421f383641b7cd670e474db56b
http://seclists.org/oss-sec/2017/q1/569

Workaround: # echo "install n_hdlc /bin/true" >> /etc/modprobe.d/disable-n_hdlc.conf
Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=82f2341c94d270421f383641b7cd670e474db56b
Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be10eb7589337e5defbe214dae038a53dd21add8