CVE-2017-7874: Linux Kernel 4.8.0 UDEV < 232 Local Privilege Escalation Vulnerability
by CIRT Team
Description: udevd in udev 232, when the Linux kernel 4.8.0 is used, does not properly verify the source of a Netlink message, which allows local users to execute arbitrary commands by leveraging access to the NETLINK_KOBJECT_UEVENT family, and the presence of the /lib/udev/rules.d/50-udev-default.rules file, to provide a crafted REMOVE_CMD value.
Impact: Local attackers may exploit this issue to execute arbitrary commands with elevated privileges.
Mitigation: Updates are available. Please check the specific vendor advisory for more information.
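The weakness described above is a uevent consumer acting on a Netlink message without confirming that the kernel sent it. The following Python sketch is an added example, not code from this advisory or from udev/systemd, of the origin checks a NETLINK_KOBJECT_UEVENT listener should make before it runs anything derived from the message: the kernel's uevents arrive from netlink port 0 (nl_pid == 0) on multicast group 1, and with SO_PASSCRED enabled the SCM_CREDENTIALS ancillary data for a kernel-origin message reports pid 0 and uid 0. The `Sender` type, the sample messages and the helper names are constructed for illustration; the checks are a general defensive pattern and are not presented as the exact upstream fix.

```python
"""Added example: a hardened NETLINK_KOBJECT_UEVENT listener skeleton.

Not code from the advisory or from udev/systemd. A uevent that fails the
origin checks came from another userspace process and must not drive
privileged actions such as executing RUN/REMOVE_CMD-style rule variables.
"""
import socket
import struct
from dataclasses import dataclass
from typing import Dict, Optional

# Linux-only constants; fall back to the numeric values so the module
# imports (and the offline checks run) on other platforms too.
NETLINK_KOBJECT_UEVENT = getattr(socket, "NETLINK_KOBJECT_UEVENT", 15)
SO_PASSCRED = getattr(socket, "SO_PASSCRED", 16)
SCM_CREDENTIALS = getattr(socket, "SCM_CREDENTIALS", 2)
UEVENT_KERNEL_GROUP = 1  # multicast group the kernel broadcasts uevents on


@dataclass
class Sender:
    """Constructed type bundling what recvmsg() tells us about the origin."""
    nl_pid: int              # sockaddr_nl.nl_pid of the sender (0 = kernel)
    nl_groups: int           # sockaddr_nl.nl_groups of the sender
    cred_pid: Optional[int]  # SCM_CREDENTIALS pid, None if absent
    cred_uid: Optional[int]  # SCM_CREDENTIALS uid, None if absent


def sender_is_kernel(s: Sender) -> bool:
    """Accept only messages whose every origin indicator says 'kernel'."""
    if s.nl_pid != 0:
        return False                      # sent from a userspace netlink port
    if not (s.nl_groups & UEVENT_KERNEL_GROUP):
        return False                      # not on the kernel uevent group
    if s.cred_pid is None or s.cred_uid is None:
        return False                      # no credentials: cannot verify, refuse
    return s.cred_pid == 0 and s.cred_uid == 0


def parse_uevent(raw: bytes) -> Optional[Dict[str, str]]:
    """Parse 'action@devpath\\0KEY=VAL\\0...' into a dict; None if malformed."""
    fields = raw.split(b"\0")
    if len(fields) < 2 or b"@" not in fields[0]:
        return None
    action, _, devpath = fields[0].partition(b"@")
    env = {"ACTION": action.decode(errors="replace"),
           "DEVPATH": devpath.decode(errors="replace")}
    for field in fields[1:]:
        if not field:
            continue                      # trailing NUL produces an empty field
        key, sep, value = field.partition(b"=")
        if not sep or not key:
            return None                   # every field must be KEY=VALUE
        env[key.decode(errors="replace")] = value.decode(errors="replace")
    return env


def handle_uevent(raw: bytes, sender: Sender) -> Optional[Dict[str, str]]:
    """Return the parsed event only if it verifiably came from the kernel."""
    if not sender_is_kernel(sender):
        return None
    return parse_uevent(raw)


def open_uevent_socket() -> socket.socket:
    """Live variant (Linux only): bind to the kernel uevent multicast group
    with credential passing switched on."""
    sock = socket.socket(socket.AF_NETLINK, socket.SOCK_RAW, NETLINK_KOBJECT_UEVENT)
    sock.setsockopt(socket.SOL_SOCKET, SO_PASSCRED, 1)
    sock.bind((0, UEVENT_KERNEL_GROUP))
    return sock


def recv_verified_uevent(sock: socket.socket) -> Optional[Dict[str, str]]:
    """Read one message from a socket made by open_uevent_socket() and verify it."""
    raw, ancdata, _flags, addr = sock.recvmsg(8192, socket.CMSG_SPACE(12))
    nl_pid, nl_groups = addr[0], addr[1]  # AF_NETLINK address is (pid, groups)
    cred_pid = cred_uid = None
    for level, ctype, data in ancdata:
        if level == socket.SOL_SOCKET and ctype == SCM_CREDENTIALS:
            cred_pid, cred_uid, _gid = struct.unpack("iII", data[:12])  # struct ucred
    return handle_uevent(raw, Sender(nl_pid, nl_groups, cred_pid, cred_uid))


# Constructed sample messages (not captured from a real system).
KERNEL_EVENT = (b"add@/devices/virtual/net/dummy0\0ACTION=add\0"
                b"DEVPATH=/devices/virtual/net/dummy0\0SUBSYSTEM=net\0SEQNUM=1234\0")
FORGED_EVENT = (b"remove@/devices/virtual/net/dummy0\0ACTION=remove\0"
                b"SUBSYSTEM=net\0REMOVE_CMD=/placeholder/command\0")

if __name__ == "__main__":
    accepted = handle_uevent(KERNEL_EVENT, Sender(0, 1, 0, 0))
    rejected = handle_uevent(FORGED_EVENT, Sender(4242, 0, 4242, 1000))
    print("kernel event accepted:", accepted is not None)
    print("userspace event rejected:", rejected is None)
```

The offline functions are what a reviewer would audit: `sender_is_kernel` refuses a message when any of the three indicators (netlink port, multicast group, passed credentials) is missing or non-kernel, rather than trusting one of them alone. `recv_verified_uevent` shows how those indicators are obtained from `recvmsg()` on Linux.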
Reference URLs:
- http://www.securityfocus.com/bid/97679
- http://www.cvedetails.com/cve/CVE-2017-7874/
- https://access.redhat.com/security/cve/cve-2016-7874
- https://security-tracker.debian.org/tracker/CVE-2017-7874