Zero-day vulnerabilities discovered: 1
Privilege escalation
The vulnerability allows a local user to escalate privileges.The vulnerability exists due to improper allocation of userspace memory required for the 32-bit compatibility layer within compat_alloc_user_space() function in include/asm/compat.h file on on 64-bit platforms. A local user can call compat_mc_getsockopt() function and gain control over vulnerable system.
Successful exploitation of the vulnerability allows a local non-privileged user to gain root privileges.
Based on the sophisticated and fully functional exploits this vulnerability was exploited in the wild for quite some time before the patch was issued.
Software: Linux kernel
Known/fameous malware:
Linux/Exploit.CVE-2010-3081.B
Links:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c41d68a513c71e35a14f66d717...
https://access.redhat.com/articles/40258
https://blogs.oracle.com/ksplice/entry/anatomy_of_an_exploit_cve
http://ryanuber.com/09-25-2010/cve-2010-3081.html
https://blog.nelhage.com/2010/11/exploiting-cve-2010-3081/
http://www.thushanfernando.com/index.php/2010/09/20/cve-2010-3081-64bit-linux-kernel-root-exploit/
https://people.canonical.com/~ubuntu-security/cve/2010/CVE-2010-3081.html
https://www.dshield.org/diary/CVE-2010-3081%2Bkernel%3A%2B64-bit%2BCompatibility%2BMode%2BStack%2BPo...
http://www.kdawebservices.com/blog/2010/09/linux-vulnerability-cve-2010-3081-local-but-serious//cve20103081_see_whether_youve_been_hacked_and/
https://xorl.wordpress.com/2010/10/06/cve-2010-3081-cve-2010-3301-linux-kernel-compat-privilege-esca...
http://www.thehostingnews.com/ksplice-launches-free-security-tool-for-high-profile-cve-2010-3081-lin...
https://www.mnxsolutions.com/security/ksplice-provides-patch-for-linux-kernel-exploit-cve-2010-3081....
http://www.pcworld.com/article/205867/linux_kernel_exploit_gives_hackers_a_back_door.html
https://linux.slashdot.org/story/10/09/20/0217204/linux-kernel-exploit-busily-rooting-64-bit-machine...