On March 12, 2021 three vulnerabilities in Linux were publicly disclosed revealing kernel issues dating back fifteen years:
While the code is not remotely accessible, it is a force multiplier for any threat actor who already has compromised a user account or a misconfigured service. Despite Linux’s open source nature, Windows systems overshadow Linux based machines in the commercial enterprise markets and that can mean less eyes on critical services reviewing current and legacy code.
These issues effect all Linux distributions with researchers adding that a non-privileged user on all Red Hat distributions tested was able to load the kernel modules needed for exploitation. Debian based systems are vulnerable as well, just not so easily. Debian systems “…are in the same boat as Red Hat, where the user, depending on what packages are installed, can coerce it into getting loaded; then it’s there to be exploited,” according to Adam Nichols, principal of the Software Security practice at GRIMM.
