CVE-2017-2636: Linux local privilege escalation flaw in ‘n_hdlc’

Mattias Geniar, Thursday, March 9, 2017

This comes just weeks after the previous local root exploit (CVE-2017-6074 – local privilege escalation in DCCP).

This is an announcement of CVE-2017-2636, which is a race condition in the n_hdlc Linux kernel driver (drivers/tty/n_hdlc.c). It can be exploited to gain a local privilege escalation.

This driver provides HDLC serial line discipline and comes as a kernel module in many Linux distributions, which have CONFIG_N_HDLC=m in the kernel config.

Source: Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc

Patching is, luckily, relatively trivial, as was the DCCP vulnerability.

$ echo "install n_hdlc /bin/true" >> /etc/modprobe.d/disable-n_hdlc.conf

Make sure to roll that one to your fleet of servers today!



Hi! My name is Mattias Geniar. I'm a Support Manager at Nucleus Hosting in Belgium, a general web geek, public speaker and podcaster. Currently working on DNS Spy. Follow me on Twitter as @mattiasgeniar.

I respect your privacy and you won't get spam. Ever.
Just a weekly newsletter about Linux and open source.

SysCast podcast

In the SysCast podcast I talk about Linux & open source projects, interview sysadmins or developers and discuss web-related technologies. A show by and for geeks!

cron.weekly newsletter

A weekly newsletter - delivered every Sunday - for Linux sysadmins and open source users. It helps keeps you informed about open source projects, Linux guides & tutorials and the latest news.

Share this post

Did you like this post? Will you help me share it on social media? Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *