ArchLinux: 201703-6: linux-lts: privilege escalation
Summary
A race condition flaw was found in the N_HLDC Linux kernel driver when accessing the n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to crash the system or increase their privileges on the system.
Resolution
Upgrade to 4.9.14-1.
# pacman -Syu "linux-lts>=4.9.14-1"
The problem has been fixed upstream in version 4.9.14.
References
https://bugs.archlinux.org/task/53242 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=82f2341c94d270421f383641b7cd670e474db56b https://seclists.org/oss-sec/2017/q1/569 https://security.archlinux.org/CVE-2017-2636
Workaround
# echo "install n_hdlc /bin/true" >> /etc/modprobe.d/disable-n_hdlc.conf