A cyber-security firm (Perception Point )in Israel has discovered a very dangerous & vulnerable flaw in the Linux operating System which runs in many servers & Android devices. The flaw is found in the base Kernel of Linux which can lead to very serious danger to your devices running Linux. This is still not clear if the bug has been reported to Google who is developer of Android operating system for mobiles phones.
“The vulnerability is in the core Linux kernel, which is the same on desktops, servers, and Android devices,” says Yevgeny Pats, CEO of Perception Point .Further more he said, “It’s pretty bad because a user with legitimate or lower privileges can gain root access and compromise the whole machine,”
This flaw is related to back in 2012 with Linux Kernel version 3.8 or higher which will relate to devices running Android Kitkat 4.4 & higher.
It is related to ” a problematic flow in a security feature in the Linux kerne” which runs on the desktop computers & Mobile phones nowadays.
Affected products :
The flaw affects many devices running Linux in it like desktops, servers & mobile phones. The Affected versions include glibc-2.2 which was released on Nov 10, 2000. Although it is said that a patch was issued on May 21, 2013 (between the releases of glibc-2.17 and glibc-2.18),but still many system which were in operation were not recognized due to being running & thus not all the systems got this security patch. Newer system were shipped with the issues fixed but older one created problem.
Red Hat has already fixed this security flaw by a patch to their systems.
Recommended precautions :
- Focus on end point solution & provide regular security patches.
- Maintain the current & actual inventory .
- Create and practice a broad incident response plan. All activities related to these kind of flaws should be taken care of in this.
- Implement mitigating controls.
- Choose proper settings & Firewalls.
What company said :
Yevgeny Pats said on what to do in this scenario , “you have to have local access to the machine” which s very important considering the importance of the machine & the data inside it. The another method to get rid of this is develop a very strong Firewall with which the vulnerability of this kind be easily over flawed with harming any system components. For that we need to gain root access to the system which can be done “Using the API that the kernel provides, you can get root access to the machine.”
