How to protect your Linux Server against Local Privilege Escalation Vulnerability

Linux Server Against Local Privilege Escalation Vulnerability

What is Local Privilege Escalation Vulnerability?

Local Privilege Escalation Vulnerability is a security loophole in the Linux Kernel 3.8 or the superior version. It is caused by a NULL-pointer dereference. The hackers can gain access to the affected Linux servers and exploit it by injecting malicious codes into the systems. Even if the attack attempts fail, it will lead to DDoS situation which is no less harmful.

Who are affected by this vulnerability?

Servers or desktops running on Linux Kernel 3.8 or the superior version are vulnerable to Local Privilege Escalation bug. This Linux server security flaw also poses threat to two-thirds of android devices. Millions of Linux and android systems can be attacked by hackers if they do not use the security patch at the earliest.

How Local Privilege Escalation Vulnerability functions?

On the Linux system: The hackers can gain local access to the Linux systems and then they may affect the keyrings facility in the kernel, allowing it the access to cache security data, authentication keys and rest of the sensitive data on the system.

On Android devices: Android devices based on Kit-Kat and higher version can be easily attacked by the hackers by simply installing a malicious app on the affected devices.

How to protect your data against Local Privilege Escalation Vulnerability?

Security patches are available to fix the Local Privilege Escalation Vulnerability which users need to install on their systems and then reboot it. Different Linux version will need different patches.

For android users, the problem may persist for longer. The android devices are built with Linux kernel but they are not customized with standard Linux library. And, most of the updates have not been made automatically available by the carriers and the manufacturers. However, Supervisor Mode Execution Protection (SMEP) can protect the affected system from by hackers by not allowing the code execution. But remember this is not the permanent solution.

Immediately update your Linux and android systems with the right security patch against Local Privilege Escalation Vulnerability. If the bug is still not fixed or you need any other Linux server related support, do not hesitate to contact our tech-experts here.