StackRot Linux Kernel Bug Patched, Exploit Code being built
Take action: You don't need to rush into this patch - the patch is available but the exploit is not trivial. But bear in mind that the exploit PoC code will be publiished and attackers will combine it with other exploits and vulnerabilities. So it's wise to start planning for an update of your linux instances, especially those that have an exposed online service.
Learn More
A critical vulnerability in the Linux kernel, known as StackRot (CVE-2023-3269), has been patched by a response team led by Linux creator Linus Torvalds.
The bug affects Linux kernel versions 6.1 through 6.4 and allows attackers to escalate privileges on affected systems.
The vulnerability, which was discovered by security researcher of Peking University, affects almost all Linux kernel configurations and has been has been merged into the Linux kernel 6.5. The patches have since been backported to kernels 6.1.37, 6.2.11, and 6.4.1, "effectively resolving the 'Stack Rot' bug on July 1st
The exploit code and a detailed write-up of the vulnerability will be made publicly available by the end of July.
This marks the first successful exploitation of a use-after-free-by-RCU bug, a type of vulnerability that combines the use-after-free and Read-Copy-Update (RCU) mechanisms in the Linux kernel. While UAFBR vulnerabilities can be dangerous, they are not easy to exploit due to delays in memory deallocation.
