Linux vulnerable to privilege escalation

An advisory from Cisco issued last Friday, October 13th, gave us the heads-up on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA).

The bug is designated CVE-2017-15265, but its Mitre entry was still marked “reserved” at the time of writing. Cisco, however, had this to say about it before release:

“The vulnerability is due to a use-after-free memory error in the ALSA sequencer interface of the affected application. An attacker could exploit this vulnerability by running a crafted application on a targeted system. A successful exploit could allow the attacker to gain elevated privileges on the targeted system.”

The bug first went public when the patch was merged to the ALSA git tree, according to this discussion at SUSE’s Bugzilla.

Turned up by ADLab of Venustech, the use-after-free is triggered by a slip in snd_seq_create_port().

Source: The Register