CVE-2017-2636: Linux local privilege escalation flaw in ‘n_hdlc’

Mattias Geniar, Thursday, March 9, 2017

This comes just weeks after the previous local root exploit (CVE-2017-6074 – local privilege escalation in DCCP).

This is an announcement of CVE-2017-2636, which is a race condition in the n_hdlc Linux kernel driver (drivers/tty/n_hdlc.c). It can be exploited to gain a local privilege escalation.

This driver provides HDLC serial line discipline and comes as a kernel module in many Linux distributions, which have CONFIG_N_HDLC=m in the kernel config.

Source: Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc

Patching is, luckily, relatively trivial, as was the DCCP vulnerability.

$ echo "install n_hdlc /bin/true" >> /etc/modprobe.d/disable-n_hdlc.conf

Make sure to roll that one to your fleet of servers today!

Hi! My name is Mattias Geniar. I'm a Support Manager at Nucleus Hosting in Belgium, a general web geek & public speaker. Currently working on DNS Spy & Oh Dear!. Follow me on Twitter as @mattiasgeniar.

Share this post

Did you like this post? Will you help me share it on social media? Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *