On March 7, 2017, a local elevation of privilege vulnerability in the Linux kernel was made public. A race condition in
drivers/tty/n_hdlc.c in the Linux kernels earlier than 4.10.1 allows local users to gain elevation of privilege or cause a denial of service by setting the HDLC line discipline.
This vulnerability was introduced as early as June 22, 2009. The Linux kernels released after that date may be affected.
See the following for more information about the vulnerability.
Linux kernel local elevation of privilege vulnerability in the n_hdlc driver
This vulnerability is due to a race condition in the n_hdlc driver (
drivers/tty/n_hdlc.c) of the Linux kernel. Successful exploits can lead to local elevation of privilege to the highest administrator privilege, allowing the attacker to gain the highest level of permissions in the operating system.
The n_hdlc driver provides the HDLC serial line discipline and comes as a kernel module in many Linux releases, which have
CONFIG_N_HDLC = m in the kernel configuration.
Condition and method of exploitation
An unprivileged user can exploit this vulnerability to gain local elevation of privilege in a Linux operating system.
Linux kernel 2.6.31 and later with
CONFIG_N_HDLC=y/m in the kernel configuration.
How to fix or mitigate
Manually upgrade to the latest kernel version.
Note: Back up snapshots before the upgrade.
. Red Hat Enterprise Linux/CentOS: https://access.redhat.com/security/cve/CVE-2017-2636
. Debian: https://security-tracker.debian.org/tracker/CVE-2017-2636
. Ubuntu: https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-2636.html
. SUSE/openSUSE: https://www.suse.com/security/cve/CVE-2017-2636.html