Many IoT devices, especially gateways, controllers, and industrial computers, run on Linux. It is important to ensure that the system is protected from various types of attacks. Therefore, the security of the system should be analyzed and devices should be updated regularly to prevent them from being vulnerable to attacks.
In this series, we will provide various information on Linux system security in devices.
Vulnerability Allowing Full Control of the System
A new vulnerability has been discovered in the Linux NetFilter kernel, allowing unprivileged local users to escalate their privileges to root level, enabling full control of the system.
This vulnerability has been registered under the identifier CVE-2023-32233 on May 10, 2023.
The security issue stems from Netfilter nf_tables accepting invalid updates to its configuration, allowing certain scenarios in which improper batch requests lead to damage to the subsystem's internal state. Netfilter is a packet filtering and network address translation (NAT) framework built into the Linux kernel, managed using front-end tools such as IPtables and UFW. According to the newly published guide, damage to the internal state of the system leads to a security vulnerability of the "use-after-free" type, which can be exploited to perform arbitrary reads and writes in kernel memory.
Security researchers Patryk Sondej and Piotr Krysiuk, who discovered and reported the issue to the Linux kernel team, have developed a PoC that allows unprivileged local users to launch a root shell on affected systems.
More information can be found in the provided link.
Security of Atreyo Products