[Tails-dev] Upgrading the Linux kernel for 1.0?

Delete this message

Reply to this message
Autore: David Goulet
Data:  
To: tails-dev
Oggetto: [Tails-dev] Upgrading the Linux kernel for 1.0?
Here is my analysis of CVE-2014-2568 and CVE-2014-0131 in terms of
security severity for Tails.

CVE-2014-2568 [1]:

Upstream patch: https://lkml.org/lkml/2014/3/20/421

This is an information leak from the kernel meaning an attacker could
use that data to help build an other attack but can not be used to
trigger code execution or a direct exploit. This is useful for instance
for being able to acquire the memory layout of the kernel and identify
the offset of the kernel stack which can be used with an other issue to
fully exploit.

Now, for Tails, I don't think this is critical but this kind of issue is
always important to fix since it can leads to active exploits.

CVE-2014-0131 [2]:

Upstream patch: http://marc.info/?l=linux-netdev&m=139446896921968&w=2

This is still an information leak but a bit more serious since an
attacker could potentially leak kernel memory over the wire thus
possibly exfiltrating kernel data which is usually *very* bad. This is
NOT an issue that alone can be used for code execution.

Again, I don't think this is critical for Tails to patch. To trigger
that, an attacker would need either to actively trigger the leak locally
or exploit an application to somehow do that.


So in the long run, this should of course be fixed in Tails because this
is usually the first step before an active exploitation of the kernel
meaning having kernel memory information like the layout of the stack.

Hope this help! Please, if you think I'm wrong or that you think I
forgot stuff, don't hesitate to reply! :)

Cheers!
David

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2568
[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0131