Skip to main content
  1. Home
  2. Computing
  3. News

Researcher writes codeless exploit that bypasses Linux security measures

By

best linux distros
Spectral-Design/Shutterstock
If you’re a Linux administrator, then you’re likely aware that even being fully up to date on all of the patches for your Linux distribution of choice is no guarantee that you’re free from vulnerabilities. Linux is made up of numerous components, any of which can open up an installation to one exploit or another.

Such is the case with an exploit that was recently released by security researcher Chis Evans. Although the exploit is quite well-written and uses some unusual methods to exploit a memory corruption vulnerability in GStreamer, it is of primarily academic interest, Ars Technica reports.

The exploit attacks two security protections built into Linux, address space layout randomization (ASLR) and data execution protection (DEP). DEP is meant to block an exploit’s ability to load into memory and is otherwise known as NX or No-Execute, while ASLR is meant to randomize where code loads into memory and thus limit then exploit’s impact on a system to a crash rather than compromise.

Related

The exploit, which is written specifically for Linux distribution Fedora, does not use actual code to exploit the Gstreamer framework. Rather, it bypasses the protections with carefully written code that is arranged in such a way as to essentially disable ASLR and DEP. As Evans said about his code in a blog post, “This was a fairly ridiculous exploit. But it was worth doing because it’s proof that scriptless exploits are possible, even within the context of decent 64-bit ASLR. It was possible to commandeer memory reads, writes and even additions within the decoder loop to slowly but surely advance the exploit and gain control.”

The following screenshot demonstrates how Fedora can be commandeered using the exploit:

chris-evans-linux-exploit
Chris Evans
Chris Evans

Evans released his code as a FLAC media file supported by Fedora version 24, and exploits the GStreamer vulnerability and also attacks Rhythmbox and Totem media players. Because it’s written specifically for Fedora and would specifically only threaten the relatively small number of Linux users who play media on the platform, it doesn’t pose a threat to any other Linux distributions or to the community at large.

Researchers create these kinds exploits to help move the state of Linux security forward. By demonstrating how an exploit can be written to work around just about any vulnerability, exploits like this one highlight the need for Linux vendors to actively improve Linux security rather than merely reacting to threats as they arise.

Editors’ Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Nvidia warns owners of its GPUs about a dangerous security vulnerability
Promotional photo of an Nvidia GeForce RTX 3090 graphics card.

Nvidia is warning GPU owners to update their graphics card drivers after the company discovered several high-level security vulnerabilities. ThreatPost reports that Nvidia found bugs in its virtual GPU software and the display driver that's required for the graphics card to function.

Nvidia has a table showing the drivers for its different product lines across Windows and Linux, but it doesn't really matter. It seems GeForce, Quadro, and Tesla drivers are vulnerable across Windows and Linux, so it's best to update your graphics driver regardless.

Read more
What is Linux? It’s a free operating system you may already use without knowing
What is Linux

MacOS and Windows are the two most popular desktop and laptop operating systems. They’re the two central OS choices dominating the desktop and laptop markets today. But have you heard of the alternative to both of these options? It's called Linux and it's entirely free, and very powerful.

What is Linux? It could be your next OS of choice.
A quick Linux history lesson
In 1991, when Terminator 2: Judgement Day was a massive hit in theaters, and Intel’s first 32-bit processor, the 80386, had become a widely-used chip in PCs, the Windows OS was still an infant. Unix was the most-used operating system at the time, both commercially and in academic institutions.

Read more
Massive iPhone security flaw left millions of phones vulnerable to hacks
iPhone Home screen and apps

Over half a billion iPhones are vulnerable to hackers, and iPads are susceptible, too — and Apple is still working to deploy its fix.

The issue — which was discovered by cybersecurity company ZecOps exec Zuk Avraham — lies with Apple’s Mail app, which leaves devices vulnerable to hackers, according to Reuters.

Read more