CVE-2018-18955 kernel: Privilege escalation in map_write() in kernel/user_namespace.c

Preface: Linux makes very efficient use of the system’s resources.You can give new life to your old and slow Windows system by installing a lightweight Linux system. Variants of Linux are most widely used in the Internet of things and smart devices.

Vulnerability synopsis:
Namespaced mapping – when the two sorted arrays are used, the new code omits the ID transformation for the kernel . Found design flaw in kernel that DAC security controls on files whose IDs aren’t mapped in namespace.
So, user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resources outside the namespace.

Official details: https://github.com/torvalds/linux/commit/d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd

Comment: The Linux operating system is heavily used in modern computer equipment. Will it have an impact soon?

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.