A major security flaw in the Linux Kernel’s Transparent Inter Process Communication (TIPC) module has been disclosed and a patch has been made available. This vulnerability (marked as CVE-2021-43267) can be exploited either locally or remotely to gain kernel privileges, thus allowing an attacker to compromise the entire system.
TIPC is an inter-process communication protocol that allows nodes in a cluster to communicate more efficiently with one another and to achieve a higher level of fault tolerance than protocols such as TCP provide. The vulnerability lies in the message type called “MSG_CRYPTO,” which was introduced into TIPC in September 2020. For this message type there is no size validation of the “keylen” field, so an attacker can supply an arbitrary value for it and cause a write beyond the bounds of the allocated heap memory.
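To make the class of bug concrete, the following is an added C example written for this page; it is not kernel code and not part of the original article. The message layout is modelled loosely on a TIPC key message (a fixed-width algorithm name, a big-endian key length, then the key bytes), but the field sizes, the struct, the `KEYLEN_MAX` bound and all sample bytes are assumptions. `overflow_bytes_unchecked()` only computes how far an unchecked copy would run past an allocation sized by the header; `parse_crypto_key()` shows the check a hardened parser performs before allocating or copying.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified key-message layout, modelled on a TIPC MSG_CRYPTO payload.
 * ASSUMPTION: the field sizes and names here are illustrative, not the
 * kernel's own definitions. */
#define ALG_NAME_LEN 32u
#define KEYLEN_FIELD_LEN 4u
#define KEY_HDR_LEN (ALG_NAME_LEN + KEYLEN_FIELD_LEN)
#define KEYLEN_MAX 64u   /* ASSUMPTION: largest AEAD key we are willing to accept */

struct aead_key {
    uint32_t keylen;
    char alg_name[ALG_NAME_LEN];
    uint8_t key[];       /* keylen bytes follow the fixed header */
};

static uint32_t read_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* The unchecked logic allocates payload_len bytes (the size the message header
 * declares) and then copies keylen bytes into key[] at offset KEY_HDR_LEN.
 * This returns how far past that allocation the copy would run (0 = none),
 * modelling the arithmetic of the flaw without performing any write. */
size_t overflow_bytes_unchecked(size_t payload_len, uint32_t keylen)
{
    size_t needed = KEY_HDR_LEN + (size_t)keylen;
    return needed > payload_len ? needed - payload_len : 0;
}

/* Hardened parser: keylen is validated against what was actually received
 * before any allocation or copy. Returns a heap-allocated key on success,
 * NULL for any malformed message. */
struct aead_key *parse_crypto_key(const uint8_t *payload, size_t payload_len)
{
    if (payload_len < KEY_HDR_LEN)
        return NULL;
    uint32_t keylen = read_be32(payload + ALG_NAME_LEN);
    if (keylen == 0 || keylen > KEYLEN_MAX)
        return NULL;                 /* outside the supported key sizes */
    if ((size_t)keylen > payload_len - KEY_HDR_LEN)
        return NULL;                 /* claims more key bytes than were sent */
    struct aead_key *k = malloc(sizeof(*k) + keylen);
    if (!k)
        return NULL;
    k->keylen = keylen;
    memcpy(k->alg_name, payload, ALG_NAME_LEN);
    memcpy(k->key, payload + KEY_HDR_LEN, keylen);
    return k;
}

/* Build a constructed key message: declared_keylen goes into the length field,
 * key_bytes bytes of key material actually follow. Returns the total length. */
size_t make_key_msg(uint8_t *buf, size_t cap, uint32_t declared_keylen, size_t key_bytes)
{
    size_t total = KEY_HDR_LEN + key_bytes;
    if (total > cap)
        return 0;
    memset(buf, 0, total);
    memcpy(buf, "gcm(aes)", 8);                      /* constructed algorithm name */
    buf[ALG_NAME_LEN + 0] = (uint8_t)(declared_keylen >> 24);
    buf[ALG_NAME_LEN + 1] = (uint8_t)(declared_keylen >> 16);
    buf[ALG_NAME_LEN + 2] = (uint8_t)(declared_keylen >> 8);
    buf[ALG_NAME_LEN + 3] = (uint8_t)declared_keylen;
    for (size_t i = 0; i < key_bytes; i++)
        buf[KEY_HDR_LEN + i] = (uint8_t)(0xA0 + i);  /* constructed key bytes */
    return total;
}

/* Well-formed message: 16-byte key and a length field that agrees.
 * Returns the parsed keylen, or -1 if the parser rejected it. */
int check_accepts_wellformed(void)
{
    uint8_t buf[128];
    size_t n = make_key_msg(buf, sizeof buf, 16, 16);
    struct aead_key *k = parse_crypto_key(buf, n);
    if (!k)
        return -1;
    int len = (int)k->keylen;
    free(k);
    return len;
}

/* Same 52-byte message, but the length field claims 0xFFFF key bytes.
 * Returns 1 if the hardened parser rejects it, 0 otherwise. */
int check_rejects_oversized(void)
{
    uint8_t buf[128];
    size_t n = make_key_msg(buf, sizeof buf, 0xFFFF, 16);
    return parse_crypto_key(buf, n) == NULL;
}

int main(void)
{
    printf("well-formed keylen: %d\n", check_accepts_wellformed());
    printf("oversized rejected: %d\n", check_rejects_oversized());
    printf("unchecked copy would overrun a 52-byte allocation by %zu bytes\n",
           overflow_bytes_unchecked(52, 0xFFFF));
    return 0;
}
```

The point of the two checks in `parse_crypto_key()` is that a length field arriving from the network is untrusted input: it must be bounded both by what the protocol supports and by the number of bytes that actually arrived, and that bound must be enforced before the value drives an allocation or a copy.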
TIPC ships as a kernel module with all major Linux distributions, but it is not loaded automatically by the system. The issue has since been addressed in Linux Kernel version 5.15, which was released on October 31st of this year. As of this writing, there has been no confirmed exploitation of this vulnerability in the wild.