Memory Leak Flaw in Linux Kernel's io_uring Could Lead to Privilege Escalation
CVE-2024-0582
Key Information
- Vendor: Red Hat
- Status:
  - kernel
  - Red Hat Enterprise Linux 6
  - Red Hat Enterprise Linux 7
  - Red Hat Enterprise Linux 8
- CVE Published: 16 January 2024
What is CVE-2024-0582?
CVE-2024-0582 is a vulnerability in the Linux kernel's io_uring functionality, which is designed for high-performance input/output operations. The flaw lies in how the kernel handles a buffer ring that a user registers with IORING_REGISTER_PBUF_RING, maps with mmap(), and then frees. A local user could exploit the memory leak, potentially leading to a system crash or privilege escalation. Such an escalation could enable unauthorized activities on the system, adversely impacting organizational security and operational integrity.
Technical Details
The vulnerability resides in the io_uring subsystem of the Linux kernel, specifically in how buffers are managed once they are registered and accessed. The issue arises when a user registers a buffer ring with the IORING_REGISTER_PBUF_RING command and uses mmap() to map this buffer into memory. When the buffer is freed, the kernel fails to properly handle the memory allocated for it, leading to a memory leak. A local user can exploit this flaw to increase their privileges on the system by manipulating how these buffers are used.
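To inventory which local accounts use the buffer-ring registration path described above, this added example (not from the original page or the kernel project) scans auditd SYSCALL records for io_uring_register calls carrying the IORING_REGISTER_PBUF_RING opcode. It assumes an audit rule already logs io_uring_register on x86-64; the log lines, paths and helper names are constructed for illustration.

```python
import re
from collections import Counter

SYS_IO_URING_REGISTER = 427      # io_uring_register(2) syscall number
IORING_REGISTER_PBUF_RING = 22   # opcode from <linux/io_uring.h>
USE_REGISTERED_RING = 1 << 31    # flag bit that newer kernels may OR into the opcode

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed auditd records (illustrative values, not taken from a real host).
SAMPLE = [
    'type=SYSCALL msg=audit(1705400000.101:900): arch=c000003e syscall=427 success=yes exit=0 a0=3 a1=16 a2=7ffc1000 a3=1 pid=4100 uid=1000 exe="/home/dev/bufring-test"',
    'type=SYSCALL msg=audit(1705400001.202:901): arch=c000003e syscall=427 success=yes exit=0 a0=5 a1=16 a2=7ffd2000 a3=1 pid=812 uid=0 exe="/usr/sbin/storaged"',
    'type=SYSCALL msg=audit(1705400002.303:902): arch=c000003e syscall=427 success=yes exit=0 a0=3 a1=0 a2=7ffc3000 a3=4 pid=4100 uid=1000 exe="/home/dev/bufring-test"',
    'type=SYSCALL msg=audit(1705400003.404:903): arch=c000003e syscall=427 success=no exit=-22 a0=3 a1=16 a2=0 a3=1 pid=4200 uid=1001 exe="/tmp/probe"',
    'type=SYSCALL msg=audit(1705400004.505:904): arch=c000003e syscall=427 success=yes exit=0 a0=3 a1=80000016 a2=7ffc5000 a3=1 pid=4100 uid=1000 exe="/home/dev/bufring-test"',
]

def parse_record(line):
    """Return the key=value fields of one audit record as a dict."""
    return {key: value.strip('"') for key, value in FIELD.findall(line)}

def pbuf_ring_registrations(lines):
    """Yield (uid, exe) for each successful IORING_REGISTER_PBUF_RING call."""
    for line in lines:
        rec = parse_record(line)
        if rec.get("type") != "SYSCALL" or rec.get("syscall") != str(SYS_IO_URING_REGISTER):
            continue
        try:
            # auditd prints a0..a3 as bare hex; a1 carries the register opcode
            opcode = int(rec["a1"], 16) & ~USE_REGISTERED_RING
            uid = int(rec["uid"])
        except (KeyError, ValueError):
            continue  # truncated or malformed record
        if rec.get("success") == "yes" and opcode == IORING_REGISTER_PBUF_RING:
            yield uid, rec.get("exe", "?")

def unprivileged_users(lines):
    """Count buffer-ring registrations per (uid, exe) for non-root callers."""
    return Counter(hit for hit in pbuf_ring_registrations(lines) if hit[0] != 0)

if __name__ == "__main__":
    for (uid, exe), count in unprivileged_users(SAMPLE).items():
        print(f"uid={uid} exe={exe} pbuf_ring_registrations={count}")
```

Legitimate applications also register buffer rings, so the output is a review list of who uses the feature, not an alert on its own.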
Impact of the Vulnerability
- Privilege Escalation: The primary impact of CVE-2024-0582 is the potential for local users to elevate their privileges on the affected system, which could allow them to execute unauthorized commands or access restricted data.
- System Stability Risks: The memory leak associated with this vulnerability can lead to system instability, resulting in crashes or degraded performance, which could disrupt critical services and operations within an organization.
- Increased Attack Surface: The existence of this vulnerability may encourage malicious actors to attempt further exploits based on the elevated privileges gained, thereby broadening the attack surface and increasing the likelihood of additional compromises.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles
Top Cyber Security Informer Penetration Testing Security Awareness Content for March, 2024
Best content around Penetration Testing Security Awareness selected by the Cyber Security Informer community.
6 months ago
Linux Kernel Flaw Let Attackers Gain Full Root Access: PoC Published
A critical vulnerability in the Linux kernel's io_uring subsystem, which could allow attackers to gain full root access to affected systems.
9 months ago
Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu - Exodus Intelligence
By Oriol Castejón Overview In early January 2024, a Project Zero issue for a recently fixed io_uring use-after-free (UAF) vulnerability (CVE-2024-0582) was made public. Reading the issue description, it was apparent that the vulnerability allowed an attacker to obtain read and write access to a numb...
9 months ago
Timeline
- 🟡 Public PoC available
- 📈 Vulnerability started trending
- 👾 Exploit known to exist
- 📰 First article discovered by Exodus Intelligence
- Vulnerability Reserved
- Vulnerability published