Easy-to-exploit privilege escalation bug bites OpenBSD and other big name OSes

Easy-to-exploit privilege escalation bug bites OpenBSD and other big name OSes

6 years ago
Anonymous $oIHRkISgaL

https://arstechnica.com/information-technology/2018/10/x-org-bug-that-gives-attackers-root-bites-openbsd-and-other-big-name-oses/

Several big-name Linux and BSD operating systems are vulnerable to an exploit that gives untrusted users powerful root privileges. The critical flaw in the X.org server—the open-source implementation of the X11 system that helps manage graphics displays—affects OpenBSD, widely considered to be among the most secure OSes. It also impacts some versions of the Red Hat, Ubuntu, Debian, and CentOS distributions of Linux.

An advisory X.org developers published Thursday disclosed the 23-month-old bug that, depending on how OS developers configure it, lets hackers or untrusted users elevate very limited system rights to unfettered root. The vulnerability, which is active when OSes run X.org in privileged (setuid) mode, allows files to be overwritten using the -logfile and -modulepath parameters. It also makes it trivial for low-privilege users to escalate system rights. A variety of nuances are leading to widely divergent assessments of the bug's severity.